Everything you need to know about the UK’s new Data Protection Bill
The move is aimed at making it simpler for people to control how companies use their personal details.
Social media firms will be required to delete information on children and adults when asked under laws aimed at giving people a greater “right to be forgotten” online in the new Data Protection Bill.
The Bill, drafted under Digital Minister Matt Hancock, will make it simpler for people to control how companies use their personal details, with extra powers for the information watchdog to issue fines of up to £17 million.
Here’s everything you need to know:
What exactly is the Bill proposing?
The new powers will mean people can ask social media platforms to delete information they posted in their childhood.
The Bill will also require people to give explicit consent for their information to be collected online, rather than firms relying on pre-selected tick boxes.
The legislation will allow people to ask for their personal data held by companies to be erased and enable parents and guardians to give consent for their child’s data to be used.
It will also expand the definition of personal data to include IP addresses, internet cookies and DNA and make it easier and free for individuals to require an organisation to reveal the personal data it holds on them.
So what does that mean?
The legislation will pave the road to create new criminal offences to deter organisations from intentionally or recklessly creating situations where someone could be identified from anonymised data.
It will bring the European Union’s General Data Protection Regulation (GDPR) into domestic law, helping Britain prepare for Brexit because it will mean the systems are aligned when the UK leaves the bloc.
The Information Commissioner’s Office will be given significantly tougher powers, with the maximum fine it can levy being increased from £0.5m to £17 million, or 4% of a firm’s global turnover.
The bill, which was announced in the Queen’s Speech, will be introduced in Parliament when MPs and peers return from the summer break in September.
Why was the move made?
The aim of the move is to make it simpler for people to control how companies use their personal details.
Matt Hancock said: “Our measures are designed to support businesses in their use of data, and give consumers the confidence that their data is protected and those who misuse it will be held to account.
“The new Data Protection Bill will give us one of the most robust, yet dynamic, set of data laws in the world. It will give people more control over their data, require more consent for its use, and prepare Britain for Brexit.
“We have some of the best data science in the world and this new law will help it to thrive.”
What has the reaction been?
Shadow culture secretary Tom Watson said the Labour MPs would be scrutinising the bill carefully.
“Labour’s manifesto committed to allowing young people to remove content shared on the internet before they turned 18, so we’re glad the Government is taking action on this,” he said. “As we are leaving the EU it is more important than ever that we have a robust data protection framework fit for the future.
David Emm, principal security researcher, Kaspersky Lab, said: “It is important that the general public embraces this new freedom and recognises the value of personal data – not just to ourselves but to would-be cybercriminals.
“New data protections laws are designed to make organisations more careful with our data, but regardless of this, it is important that we on an individual level know what information is being kept and how it’s being handled – which will also reduce the likelihood of it falling into the wrong hands.”