New Data Protection Bill introduced to Parliament

Following the Statement of Intent published in August 2017, the new Data Protection Bill has now been introduced to Parliament and it had its first reading in the House of Lords on 13 September 2017. The second reading in the House of Lords, which will include a general debate on all aspects of the Bill, is due to take place on 10 October 2017.

Once enacted, the Bill will replace the current Data Protection Act 1998 (DPA) to provide a comprehensive updated legal framework for data protection in the UK, supplemented by the EU General Data Protection Regulation (GDPR) until the UK leaves the EU. The GDPR will have direct effect in the UK from 25 May 2018. Therefore, until the UK leaves the EU, the GDPR will operate in tandem with the Bill. When the UK then leaves the EU in March 2019, the government will restore a wholly domestic basis to our data protection laws but the Bill allows for the continued application of GDPR standards.

The government has said that the Bill will make data protection laws fit for the digital age in which an ever-increasing amount of data is being processed and it will empower people to take control of their personal data by giving them new rights to transfer or erase their data, including a right to be forgotten. It has announced that the Bill will:

• Replace the DPA.
• Preserve existing exemptions that have worked well in the DPA, carrying them over to the new law (see below).
• Ensure that the UK is prepared for the future after we have left the EU.

The Bill will include exemptions for data processing in the following areas:

• Processing of personal data by journalists for freedom of expression and to expose wrongdoing is to be safeguarded.
• Scientific and historical research organisations such as museums and universities will be exempt from certain obligations which would impair their core functions.
• National bodies responsible for the fight against doping in sport will continue to be able to process data to catch drug cheats.
• In the financial services sector, the pricing of risk or data processing done on suspicion of terrorist financing or money laundering will be protected.
• Where it is justified, the Bill will allow the processing of sensitive and criminal conviction data without consent, including to allow employers to fulfil obligations of employment law.

The Information Commissioner’s Office (ICO) will be given more power to defend consumer interests and issue higher fines, of up to £17 million or 4% of global turnover, in cases of the most serious data breaches.

The government has also published a number of useful factsheets on the Bill.

Posted in Employment Law

Exeter Accountant MJ Smith & Co

Celebrating 25 years of excellence.

Free 1st Meeting
Fixed Fees
Free Support!

Find out more

Client Portal Login: Onvio

Forgot Password?

Latest News

Change to the off-payroll working rules

As part of a review into changes to the operation of the off-payroll working rules (IR35), HMRC has announced that …
Read More

Employer toolkit for EU Settlement Scheme published

Following Brexit, the government has published an updated toolkit for employers on how to support their employees who are EU …
Read More

A reminder – badges of trade

The 'badges of trade' tests, whilst not conclusive, are used by HMRC to help determine whether an activity is a …
Read More

Twitter Feed