Long live the DPO!

The DPO is dead. Or at least, so the UK government’s consultation on the future of data protection in the UK would have us believe. By Alison Deighton of HelloDPO.

The Department for Digital, Culture Media & Sport (DCMS) published a consultation paper on 10 September 2021, setting out proposals for data protection reform in the UK. Chapter 2 of the consultation paper focuses on “Reducing burdens on businesses and delivering better outcomes for people”. One of the core proposals in this chapter relates to reform of the accountability framework, and it is here that DCMS includes a proposal to remove the existing requirement for certain organisations to designate a data protection officer (DPO).

Why get rid of the DPO role?

The rationale for abandoning the role of the DPO is somewhat scant in the consultation paper. The paper sets out the UK GDPR triggers for appointing a DPO, the duties of the DPO and the requirements for the DPO to be independent and goes on to state that “the current requirements do not necessarily drive the intended outcomes of the legislation”. The paper does not, however, explain what the intended outcomes are or why DCMS considers they are not being met.

Continue reading

UK Report subscribers please login to access the full article.

If you wish to subscribe please see our subscription information.