The U.K. government formally introduced a bill to reform the country’s data privacy laws in a manner projected to save British businesses “billions.”
The Data Protection and Digital Information Bill was put forward by Technology Secretary Michelle Donelan on Wednesday. The bill, originally announced in June, seeks to reduce what the United Kingdom believes to be unnecessary burdens on businesses under the European Union’s General Data Protection Regulation (GDPR).
Changes under the bill would include scaling back processing record requirements, reducing the amount of cookie banners, and simplifying the legal requirements around obtaining consent over the use of personal data to carry out medical and scientific research. Companies’ use of automated decision-making technologies like artificial intelligence would be encouraged through greater clarity around safeguards for consumers.
The bill would also increase fines for nuisance calls by raising the current maximum from 500,000 pounds (U.S. $596,000) to align with the GDPR’s totals of £17.5 million (U.S. $20.9 million) or 4 percent of global revenue. It would further empower the Information Commissioner’s Office to enforce the new data protection regime with enhanced leadership and clearer objectives.
Progress on the bill was halted in September to allow the U.K. government to ensure its work “maintains data adequacy with the EU and wider international confidence in the U.K.’s comprehensive data protection standards.”
“Co-designed with business from the start, this new bill ensures that a vitally important data protection regime is tailored to the U.K.’s own needs and our customs,” said Donelan in a press release. “Our system will be easier to understand, easier to comply with, and take advantage of the many opportunities of post-Brexit Britain. No longer will our businesses and citizens have to tangle themselves around the barrier-based European GDPR.”
The U.K. government expects the changes to save the British economy £4.7 billion (U.S. $5.6 billion) over the next 10 years.
Wojciech Wiewiórowski, the European Data Protection Supervisor, told Compliance Week in July the European Commission would keep a close eye on the U.K.’s reforms and “could try to follow suit” on changes to the EU GDPR when a new commission comes into place in 2025.