11th August 2017
This week, Digital Minister Matt Hancock announced the Government’s proposals for a new set of data protection laws, meaning the Data Protection Act 1998 will be succeeded by a Bill which will impose more stringent requirements on companies holding personal data, and keep the UK in line with Europe’s new General Data Protection Regulation (GDPR). What is interesting is that after much debate during the EU referendum around the huge volume of burdensome regulations coming from Brussels, this new Bill is now bringing some of the most ambitious and challenging EU rules for businesses into UK law, meaning it will have effect after Brexit.
Nearly 20 years after the Data Protection Act was first enacted, the imperative of providing an online service has led to most companies retaining customers’ personal details on their databases. The problem arises when companies are permitted to share this information with other companies, resulting for example in targeted marketing activities that have been unwittingly agreed to via pre-ticked boxes or opt-outs, designed to target specific personal interests. Even in the event of removing personal information from the internet, it is still possible for it to be held by companies within their databases.
The European Court of Justice instated the ‘right to be forgotten’ in May 2014 as a way for citizens to take back control of their personal data. The supposed solution created new problems: how wide-spread should this ‘forgetting’ of information be? Google is currently locked in a legal battle with France on this very issue, arguing that deletion of data should only be held to one country, otherwise states with harsher guidelines can implement their state-wide censorship on the global population.
While Matt Hancock has made a point of saying that the Bill will “support businesses in their use of data” and “prepare Britain for Brexit” by ensuring UK companies are compliant with EU data requirements so that data can continue to flow freely across borders, it also imposes enormous burdens on British businesses. One of the biggest impacts of the new data protection legislation on companies is that users will now have to explicitly consent to their content being shared, rather than simply fail to opt out. There is also the prospect of far larger fines for non-compliance — up to 4 per cent of global annual turnover, or £17m, whichever is greater.
The Bill is undoubtedly a popular measure that will allow citizens to retain their privacy in an increasingly data driven world. But as the UK leaves the EU, it is one of many instances where the UK will have to remain compliant with stringent EU law in order to continue doing business with the bloc, even after our departure.
14th December 2017
Loretta Ahmed, CEO Grayling Middle East and Africa, looks at how injecting fun into every aspect of brand communication can increase customer engagement. In 2018 smart marketers will drive purpose and...Read More
13th December 2017
Small is the New Big
As the pace of change gets faster, organizations of all sizes are embracing the start-up mentality. In the latest of our 2018 Trends predictions, Grayling’s San Francisco MD, Alan Dunton explains...Read More
8th December 2017
Why brands should be making stories, not just telling them
Today, the art of storytelling for brands has reached exciting and innovative levels, but regardless of the touchpoint we use to tell the tales, a strong narrative is the driving force. Christian...Read More