New Data Protection Bill introduced to Parliament

Following the Statement of Intent published in August 2017, the new Data Protection Bill has now been introduced to Parliament and it had its first reading in the House of Lords on 13 September 2017. The second reading in the House of Lords, which will include a general debate on all aspects of the Bill, is due to take place on 10 October 2017.

Once enacted, the Bill will replace the current Data Protection Act 1998 (DPA) to provide a comprehensive updated legal framework for data protection in the UK, supplemented by the EU General Data Protection Regulation (GDPR) until the UK leaves the EU. The GDPR will have direct effect in the UK from 25 May 2018. Therefore, until the UK leaves the EU, the GDPR will operate in tandem with the Bill. When the UK then leaves the EU in March 2019, the government will restore a wholly domestic basis to our data protection laws but the Bill allows for the continued application of GDPR standards.

The government has said that the Bill will make data protection laws fit for the digital age in which an ever-increasing amount of data is being processed and it will empower people to take control of their personal data by giving them new rights to transfer or erase their data, including a right to be forgotten. It has announced that the Bill will:

• Replace the DPA.
• Preserve existing exemptions that have worked well in the DPA, carrying them over to the new law (see below).
• Ensure that the UK is prepared for the future after we have left the EU.

The Bill will include exemptions for data processing in the following areas:

• Processing of personal data by journalists for freedom of expression and to expose wrongdoing is to be safeguarded.
• Scientific and historical research organisations such as museums and universities will be exempt from certain obligations which would impair their core functions.
• National bodies responsible for the fight against doping in sport will continue to be able to process data to catch drug cheats.
• In the financial services sector, the pricing of risk or data processing done on suspicion of terrorist financing or money laundering will be protected.
• Where it is justified, the Bill will allow the processing of sensitive and criminal conviction data without consent, including to allow employers to fulfil obligations of employment law.

The Information Commissioner’s Office (ICO) will be given more power to defend consumer interests and issue higher fines, of up to £17 million or 4% of global turnover, in cases of the most serious data breaches.

The government has also published a number of useful factsheets on the Bill.

Posted in Employment Law

Exeter Accountant MJ Smith & Co

Celebrating 25 years of excellence.

Free 1st Meeting
Fixed Fees
Free Support!

Find out more

Client Portal Login

Forgot Password?

Latest News

What is a PET?

Most gifts made during a person’s life are not subject to tax at the time of the gift. These lifetime …
Read More

Don’t forget to handout P60s

The deadline for employers to provide employees with a copy of their P60 form is by 31 May 2018. A …
Read More

Claiming for job related expenses

Employees who use their own money to buy things they need for their job can sometimes claim tax relief for …
Read More

Twitter Feed