View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Leadership
  2. Governance
March 8, 2023

The benefits of the UK’s new data protection laws are there for the taking

Passage of the Data Protection and Digital Information Bill should be prioritised so that businesses can benefit sooner rather than later.

By Julian David

After a long wait, on 8 March the UK government finally introduced the Data Protection and Digital Information (DPDI) Bill II into parliament for its first reading. The new legislation enhances and replaces the reforms originally proposed to the UK GDPR by the first DPDI Bill, published last summer.

That first bill faced a difficult task: balancing reforms which could promote data-driven innovation while supporting good data flows with partners such as the EU, withstanding scrutiny from a UK-based independent regulator, and maintaining a high standard of data protection rights. Although the original bill captured this balance reasonably well, techUK and other business groups across the UK had urged the government to take a more ambitious and bolder approach to reform – not least to address the barriers organisations face when trying to innovate with data and deliver basic business services.

That is what DPDI II is trying to deliver. Through informal consultation with a range of stakeholders, including techUK, the UK government has set out five key areas they have targeted for further reform: legitimate interests, scientific research, reducing compliance for low-risk processing, international transfers, and automated decision-making.

The introduced changes point to a welcome understanding from government on the opportunities the DPDI Bill presents the UK and businesses across the country. Reforming the UK GDPR, which has often complicated processes for businesses and individuals alike, is also an opportunity for Whitehall to address the biggest challenges organisations face when handling personal data.

One Login for Government: A user is logging into a mobile security app, and is being asked for a password
DPDI II should make it easier for businesses to handle personal data – and improve customer protections into the bargain. (Photo by Tero Vesalainen / Shutterstock)

Making the new data protection regulations work

Even so, there are still outstanding questions on how some reforms will work in practice. While an opt-out model for cookie consent and new obligations around tracking and reporting unwanted calls will be a relief for people bombarded day in, day out by telephone marketers or worse, it is yet to be clarified how tech businesses will need to work with government in order to make sure these provisions become a workable reality.

The real test of the bill’s importance and resilience will be whether it can survive scrutiny from both houses of parliament during its passage to royal assent. In this process, it’s vital for parliamentarians to consider that, unlike legislative files such as the Online Safety Bill – where implementation of the regime will start from scratch – the privileges of the DPDI Bill II can be leveraged as soon as the bill commences, as all companies using personal data will already be UK GDPR-compliant.

This means the sooner the bill is passed, the sooner organisations of all sizes can take advantage of the new proposals which enable them to leverage data to solve challenges like advancing medical research, clamping down on fraud and increasing productivity by delivering basic business services with ease. With that said, we’re one step closer to getting the bill over the line than before. Considering its complexity and political sensitivity, it’s a milestone worth celebrating.

Content from our partners
Green for go: Transforming trade in the UK
Manufacturers are switching to personalised customer experience amid fierce competition
How many ends in end-to-end service orchestration?

Read more: Government launches new version of UK’s post-Brexit GDPR replacement

Topics in this article :
Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how New Statesman Media Group may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.
THANK YOU