[UK] GDPR to be scrapped in favour of own data privacy regime

[UK] GDPR to be scrapped in favour of own data privacy regime
07 Oct 2022

The European Union’s data privacy regime - the General Data Protection Regulation (GDPR) - will be scrapped in the UK and replaced with an alternative system, Personnel Today reports. 

Digital and culture secretary Michelle Donelan made the announcement at the Conservative Party conference saying the proposed new system, details of which have not yet been revealed, will be simpler and clearer for businesses to navigate.

“No longer will our businesses be shackled by lots of unnecessary red tape,” Ms Donelan said. “We will be replacing GDPR with our own business and consumer-friendly British data protection system.

“Our plan will protect consumer privacy and keep their data safe, whilst retaining our data adequacy so businesses can trade freely.”

The GDPR - intended to enhance individuals’ rights to their own personal data - took effect across the UK, the EU and the European Economic Area (EEA) in May 2018. It reportedly applies to all businesses that process data held by anyone in these regions, regardless of where the business is based.

The Data Reform Bill introduced this summer is on hold while ministers review their approach. Former digital and culture secretary, Nadine Norris, said in June that measures in the bill would increase financial penalties for those pestering people with nuisance calls and minimise the number of cookie pop-ups people see on the internet.

Ms Donelan’s speech in Birmingham followed the Prime Minister announcing the exemption of tens of thousands of employers from reporting obligations such as gender pay gap reporting as part of a “sweeping package of reforms to cut red tape”.

Currently, small and medium-sized businesses with fewer than 250 employees are exempt from regulatory requirements such as gender pay gap and executive pay ratio reporting.

On October 3, the UK government reportedly increased this threshold to 500 employees for all new regulations under development and said that it would apply this to retained EU law as part of plans to reform regulations it considers to be “bureaucratic and burdensome on businesses”.

Natalie Cramp - CEO of data science company Profusion - said, “The announcement that the government will pause its reform of GDPR in favour of introducing a new data bill adds more unwelcome uncertainty for UK businesses.

“On a practical level it’s difficult to see how a new bill could be written and passed with adequate consultation ahead of the next General Election. As Labour has a very different take on GDPR, it’s very hard to say what the final outcome will be.

“We could see the Conservatives passing this legislation in 2024, a Labour government confirming that GDPR will remain, or an entirely different approach which may not be finalised until 2025 or beyond.”

Labour MP Chris Bryant said, “This is madness. UK companies will still have to abide by GDPR if they want any online business in the European Union (as other non-EU companies already do). So UK divergence will simply mean UK double costs.”

Northern Ireland offered more robust opposition to Ms Donelan’s announcement. Speaking to the Belfast Telegraph, SDLA assembly member Matthew O’Toole said, “Data protection laws are a fundamental part of how businesses, governments and civil society have to operate in the digital age.

“If the Tories force through a pointlessly divergent UK data regime it could threaten a vast range of everyday activity on a north-south basis.

“As the SDLP has repeatedly said, the [Northern Ireland] Protocol only protects some north-south activity, but the hard Brexit fantasy projects of the Truss government threaten a whole series of others.

“From payroll services to cross-border workers, to healthcare, to a whole gamut of north-south investment and economic activity, to the simply everyday activities of sporting bodies, churches and trade unions – if data cannot move freely between north and south it will be devastating.”


Source: Personnel Today

(Links and quotes via original reporting)

The European Union’s data privacy regime - the General Data Protection Regulation (GDPR) - will be scrapped in the UK and replaced with an alternative system, Personnel Today reports. 

Digital and culture secretary Michelle Donelan made the announcement at the Conservative Party conference saying the proposed new system, details of which have not yet been revealed, will be simpler and clearer for businesses to navigate.

“No longer will our businesses be shackled by lots of unnecessary red tape,” Ms Donelan said. “We will be replacing GDPR with our own business and consumer-friendly British data protection system.

“Our plan will protect consumer privacy and keep their data safe, whilst retaining our data adequacy so businesses can trade freely.”

The GDPR - intended to enhance individuals’ rights to their own personal data - took effect across the UK, the EU and the European Economic Area (EEA) in May 2018. It reportedly applies to all businesses that process data held by anyone in these regions, regardless of where the business is based.

The Data Reform Bill introduced this summer is on hold while ministers review their approach. Former digital and culture secretary, Nadine Norris, said in June that measures in the bill would increase financial penalties for those pestering people with nuisance calls and minimise the number of cookie pop-ups people see on the internet.

Ms Donelan’s speech in Birmingham followed the Prime Minister announcing the exemption of tens of thousands of employers from reporting obligations such as gender pay gap reporting as part of a “sweeping package of reforms to cut red tape”.

Currently, small and medium-sized businesses with fewer than 250 employees are exempt from regulatory requirements such as gender pay gap and executive pay ratio reporting.

On October 3, the UK government reportedly increased this threshold to 500 employees for all new regulations under development and said that it would apply this to retained EU law as part of plans to reform regulations it considers to be “bureaucratic and burdensome on businesses”.

Natalie Cramp - CEO of data science company Profusion - said, “The announcement that the government will pause its reform of GDPR in favour of introducing a new data bill adds more unwelcome uncertainty for UK businesses.

“On a practical level it’s difficult to see how a new bill could be written and passed with adequate consultation ahead of the next General Election. As Labour has a very different take on GDPR, it’s very hard to say what the final outcome will be.

“We could see the Conservatives passing this legislation in 2024, a Labour government confirming that GDPR will remain, or an entirely different approach which may not be finalised until 2025 or beyond.”

Labour MP Chris Bryant said, “This is madness. UK companies will still have to abide by GDPR if they want any online business in the European Union (as other non-EU companies already do). So UK divergence will simply mean UK double costs.”

Northern Ireland offered more robust opposition to Ms Donelan’s announcement. Speaking to the Belfast Telegraph, SDLA assembly member Matthew O’Toole said, “Data protection laws are a fundamental part of how businesses, governments and civil society have to operate in the digital age.

“If the Tories force through a pointlessly divergent UK data regime it could threaten a vast range of everyday activity on a north-south basis.

“As the SDLP has repeatedly said, the [Northern Ireland] Protocol only protects some north-south activity, but the hard Brexit fantasy projects of the Truss government threaten a whole series of others.

“From payroll services to cross-border workers, to healthcare, to a whole gamut of north-south investment and economic activity, to the simply everyday activities of sporting bodies, churches and trade unions – if data cannot move freely between north and south it will be devastating.”


Source: Personnel Today

(Links and quotes via original reporting)

Leave a Reply

All blog comments are checked prior to publishing