The Department for Digital, Culture, Media and Sport (DCMS) recently launched an online consultation regarding the UK’s data protection regulation. The UK’s data protection regime has not received a substantive update since 2018 when the European Union’s General Data Protection Regulation (GDPR) took effect, alongside the introduction of the UK’s Data Protection Act 2018 and many experts are concerned at the UK’s privacy laws going forward.
The latest Data Protection Index from The DPO Centre suggests data protection officer’s (DPO’s) confidence in the support they receive is falling, with only half (51%) rating their organisation’s compliance highly and merely a third (33%) feeling their company rates compliance among their business priorities. As these figures are down for the second quarter in a row, perhaps now is the right time to take stock and ask ourselves, is the current legislation fit for purpose?
At a time when many businesses are having to prioritise their response to both Brexit and the pandemic, it would seem understandable DP compliance is taking a back seat. The latest Data Protection Index supports this theory with many professionals raising concerns, stating their organisation’s data compliance and retention procedures are behind where they should be.
If you have taken the time to look at the consultation, and made the effort to answer the online questions, you’ll appreciate reviewing the current GDPR and the UK’s Data Protection Act 2018 is no small task. The terminology current in place continues to leave many businesses unsure how to tackle their own compliance procedures.
So, will a review help?
The government states “The UK needs agile and adaptable data protection laws that enhance its global reputation as a hub for responsible data-driven business that respects high standards of data protection.”
In its consultation document, DCMS outlines their aims:
- support vibrant competition and innovation to drive economic growth
- maintain high data protection standards without creating unnecessary barriers to responsible data use
- keep pace with the rapid innovation of data-intensive technologies
- help innovative businesses of all sizes to use data responsibly without undue uncertainty or risk, both in the UK and internationally
- ensure the Information Commissioner’s Office (ICO) is equipped to regulate effectively in an increasingly data-driven world
Reading between the lines, it would suggest we can expect a reduction in red tape, and new national agreements in place – most likely between the UK and the US. We can also expect changes within the Information Commissioner’s Office (ICO), given only 37 per cent of Data Protection Index responders felt confident in the Office’s effectiveness, many will welcome these changes.
Rob Masson, CEO, The DPO Centre commented, “The Department for Digital, Culture, Media and Sport’s recent consultation on the proposed changes to the UK’s data protection regulations needs to ensure that companies continue to protect client and employee data, therefore enabling the UK to remain a world leader in privacy and personal data management. “
