View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Policy
  2. Privacy and data protection
May 10, 2022updated 31 Oct 2022 12:15pm

UK government confirms plans to remove ‘cumbersome aspects’ of GDPR

Queen's Speech confirms UK GDPR reform plans, after minister tells Tech Monitor the rules have made people 'risk averse'

By Matthew Gooding

The UK government confirmed plans to reform the country’s data laws in today’s Queen’s Speech, which sets out its legislative programme for the months ahead. Details of the Data Reform Bill, which will replace the UK’s implementation of the EU’s General Data Protection Regulation (GDPR), have yet to emerge, but data minister John Whittingdale said at Tech Monitor‘s Digital Responsibility Symposium last week that the government plans to remove the “cumbersome aspects” of GDPR that have made people “risk averse” when it comes to sharing data.

Other experts at the event agreed that UK GDPR is ripe for reform, but called on the government to make sure that the benefits of data sharing are enjoyed by the “whole of society”. They added that the UK reforms could influence the evolution of data rules around the world.

UK GDPR
Data minister John Whittingdale MP told Tech Monitor‘s Digital Responsibility Symposium on Thursday that the UK government agrees with ‘the principles that underlie’ GDPR. (Photo by PoppyPixels/iStock)

In the speech to Parliament this morning, Prince Charles laid out the government’s intentions in a wide range of areas including data. “The United Kingdom’s data protection regime will be reformed,” he told MPs.

Details of the proposed changes have yet to be revealed, but Sky News reported earlier this week that a draft bill could emerge in a matter of weeks. The bill follows a consultation that closed last autumn, which attracted responses from across the tech community and beyond.

Data Reform Bill: Why is the UK moving away from GDPR?

The UK government has made clear its intention to move away from GDPR since leaving the EU, and hopes to establish a more agile regime. Proponents of the change, including chancellor Rishi Sunak, believe the UK can set its own data laws without endangering its data adequacy agreement with the EU, which allows data to flow between companies in the UK and EU.

However, this could be risky as, if the EU feels the UK government plans do not protect the data of its citizens sufficiently, the adequacy agreement could be revoked.

During a panel at Tech Monitor’s Digital Responsibility Summit on Friday, John Whittingdale MP, minister of state for media and data, said the government is not set on “dismantling GDPR”. “We continue to agree with the principles that underlie [GDPR], but we believe there are opportunities to deliver that standard of data protection in a less burdensome and obstructive way, which is why we’ve embarked on a programme of reform,” Whittingdale explained.

Content from our partners
How businesses can safeguard themselves on the cyber frontline
How hackers’ tactics are evolving in an increasingly complex landscape
Green for go: Transforming trade in the UK

Whittingdale added that the government’s view is that GDPR has made people “risk averse”. “One of the things we’re keen to address is that people have become quite risk averse because of the complexities of GDPR and the different provisions and they’ve therefore tended to err on the side of caution and not share data,” he said. “We think there’s a lot of scope to clarify how the rules operate and remove some of the more cumbersome aspects.”

He added that UK GDPR reforms could help the government strike data-sharing agreements with other countries around the world, which would enable more data to flow freely. “The EU has been slow to reach data transfer agreements with third countries. We want to do that quickly and allow data to flow between us and them without impediment,” Whittingdale said. “It’s a big programme. A lot of it will require legislation.”

What should UK GDPR look like?

Other panellists agreed that some changes to GDPR could be beneficial. Bojana Bellamy, president of the Centre for Information Policy Leadership thinktank, said “a growing body of laws is stopping data flowing across borders and this is really impeding everybody from SMEs to large companies to consumers.”

She added that UK GDPR changes “can ensure better, more streamlined, less bureaucratic data flows so that we can all benefit from data. That means taking the next step from where GDPR is at the moment.”

Bellamy said that applying a less prescriptive approach could improve data flows. “That means not putting a burden on organisations that don’t create risks [around data], but doing it for those where there could be risk,” she explained. “GDPR is very prescriptive and I think the effect is bureaucracy and not effective protection or data use.

“Provisions on better use of data for research, both scientific and private R&D, is critical,” Bellamy added. “GDPR hasn’t quite enabled that, and some of the tweaks the UK could make will enable that to work better.”

She said that other countries will be looking to the changes coming to UK law as a guide to how their data regimes should develop. “This is going to have an impact on the rest of the world, including Europe, to evolve these rules.”

The new laws must ensure everyone in society can benefit from free data flows, argued another panellist, Dr Mahlet Zimeta, head of public policy at the Open Data Institute. “It’s really important that the benefits of changes and the digital economy as a whole must be inclusive and sustainable,” she said. “We must make sure economic growth arising from data flows is inclusive and benefits all communities, not just multi-national corporations or social groups that are already benefiting.

Data flows have a role to play in this, Dr Zimeta explained. “We must ensure data is representative and relevant to a wide range of use cases and not just highly commercial, highly lucrative, ones, use cases that are relevant and useful to all communities,” she said. “That’s what I’d like to see, a regime that ensures data works for the whole of society.”

Register here to watch the full panel from Tech Monitor‘s Digital Responsibility Summit on demand

Topics in this article : , ,
Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how New Statesman Media Group may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.
THANK YOU