Changes to UK Data Protection Rules

A revamped ICO

In a press release, the government announced an overhaul of the Information Commissioner’s Office (ICO) to “help drive economic growth and strengthen public trust in use of data”.

The Digital Secretary, Oliver Dowden, announced on 9 September 2021 that a consultation would open to consider the shape of the ICO in the wake of Brexit and the COVID-19 pandemic, saying that an approach “based on common sense, not box-ticking” was needed.

Back in August Dowden was reported to be against the “endless” cookie pop-ups that seek user consent to store personal data, as he announced the successor to Elizabeth Denham, John Edwards, as the expected new head of the ICO.

Edwards, currently the New Zealand Privacy Commissioner, was quite public with his opinions in relation to the Facebook/Cambridge Analytica data misuse issue in 2018, and before taking the role in NZ was a barrister focussing on information and privacy law.

Denham’s term expires on 31 October 2021, so we’ll know closer to the time whether Edwards is the new Information Commissioner.

What about the GDPR?

Back in June 2021 the ‘adequacy decision’ from the EU meant that, despite Brexit, personal data could continue to flow between the UK and the EU.

Any changes to the Data Protection Act in the UK, however, would need to maintain the standards required for the adequacy decision. If the UK goes too far in liberalising data protection legislation, the European Commission has the right to revoke the decision, making data transfers with the EU more complicated.

And what about Privacy?

The outline of the consultation states that the government wants to “simplify data use by researchers and developers of AI and other cutting-edge technologies” and “build on the unprecedented and life-saving use of data to tackle the COVID-19 pandemic”.

These suggest that the intention is to reduce some of the provisions in place that protect data from use unless certain conditions are met (for example, the person provides their consent for their data to be used).

There are numerous examples, with medicine and healthcare being good ones, where easier use of data could be beneficial for the ‘greater good’. It might make regulation more complex though; it’s OK for an ambulance to exceed the speed limit and run red lights when transporting a critically ill person to hospital, but not when it isn’t. How will distinctions be drawn where data is concerned? We’ll have to wait and see.

Laptop at home with coffee and childrens toys

Is working from home secure?

Warning issued that Russian cyber attacks targeting remote working are increasingly likely in retaliation to the West’s continued support for Ukraine.

April 26, 2022

WEBINAR: Cyber Security for Small & Growing Businesses: What’s important?

We would like to extend a warm invitation for you to join us at our Cyber Security Webinar. Over the past few years, technology has

March 17, 2022

Changes to UK Data Protection Rules

Share This Post

A revamped ICO

What about the GDPR?

And what about Privacy?

Subscribe to our newsletter for the latest IT info, straight to your mailbox!

More To Explore

Is working from home secure?

WEBINAR: Cyber Security for Small & Growing Businesses: What’s important?

Do you need help getting on top of your IT?

Get in touch and see how we can help you

Subscribe to our newsletter for the latest IT info, straight to your mailbox!

Follow Us

© 2021 All Rights Reserved