bto solicitors - Corporate & Commercial Business Lawyers Glasgow Edinburgh Scotland

  • "really fights your corner..."
    "really fights your corner..." Chambers UK
  • "Consistently high-quality work and client-friendly approach."
    "Consistently high-quality work and client-friendly approach." Chambers UK

All change in the handling of personal data?

30 August 2024

The election saw the Labour Party find a new home at Downing Street and with it, the potential for a change in how we handle personal data, particularly under UK GDPR.

Two of the most significant bills in this area, initially raised by Labour in their King’s Speech, are the Digital Information and Smart Data Bill and the Cyber Security and Resilience Bill.

This article will set out the key provisions of each Bill.

Lynn Richmond
Lynn Richmond
Partner

Digital Information and Smart Data Bill:

The aim of the Bill, as outlined by the Government, is to ‘harness data to drive economic growth, improve sharing data in public services, promote scientist’ and researchers’ work, and empower the Information Commissioner’s Office (ICO), in its enforcement of data laws’.

There are five main areas the Bill seeks to address:

Digital Verification services: The Bill is intended to support the creation and adoption of secure digital identity products and services from certified providers. The focus of the services will be predominantly in relation to things like moving house or buying age-restricted goods. The Bill is thought to encourage use of these services beyond the narrow confines of retail banking where it is currently used for credit checks etc.

National Underground Asset Register: The Bill proposes to create a new digital map outlining underground pipes and cables with details of how they are installed, operated and maintained. This will assist planners in making access to this data more accessible and efficient.

Smart Data Schemes: The Bill aims to set up schemes to allow for ‘secure sharing of a customer’s data upon their request, with authorised third-party providers’. 

Public Services: The Government has proposed a new electronic system for the registration of births and deaths. The Bill is intended to revise the Digital Economy Act to facilitate the sharing of data about businesses that use public services.

ICO: The Bill recommends the appointment of a CEO, board and chair to the ICO to grant more power to their regulatory structure and increase its enforcement power.

Cyber Security and Resilience Bill:

The aim of this Bill is to ‘strengthen the UK’s cyber defences and ensure that more essential digital services than ever before are protected’, an aim that many commentators suggest is crucial in today’s digital age.

Although we do not, as yet, have a great deal of information on the content of the Bill, the briefing notes point towards an agenda for addressing the UK’s failure to keep up-to-date with the legislative advancements by the EU.

In order to achieve this aim, the Bill proposes to:

  • Expand the remit of regulation from essential services by digital service providers to cover more digital services and supply chains.
  • Give regulators wider powers to proactively investigate and tackle gaps in cybersecurity.
  • Mandate companies to report cybersecurity incidents to ensure the Government do not fall behind the curve.

Both Bills represent a significant, and arguably long overdue, step to modernising the UK’s regulatory approach to data protection. It will be interesting to see how much support, or lack thereof, they might get in the House of Commons.

Lynn Richmond, Partner & Accredited Specialist in IP Law: lyr@bto.co.uk / 0131 222 2939

Related Links

“The level of service has always been excellent, with properly experienced solicitors dealing with appropriate cases" Legal 500

Contact BTO

Glasgow

  • 48 St. Vincent Street
  • Glasgow
  • G2 5HS
  • T:+44 (0)141 221 8012
  • F:+44 (0)141 221 7803

Edinburgh

  • One Edinburgh Quay
  • Edinburgh
  • EH3 9QG
  • T:+44 (0)131 222 2939
  • F:+44 (0)131 222 2949

Sectors

Services