DPDI Bill is not popular amongst practitioners
The Data Protection and Digital Information (No.2) Bill (DPDI) is proceeding in Parliament, but its new provisions are not welcomed by many DPOs despite the government’s aim to make compliance easier for business. According to a recent survey, 61% of the respondents think the UK’s new bill is a negative development.
Our own experience is that large organisations say they still need to comply with the EU GDPR due to an EU-wide customer base. EU actors see the UK as an outlier now – this was also evident at the CPDP conference in Brussels in May where the UK session on the forthcoming legislative changes attracted only a handful of participants.
It remains to be seen whether Parliament will make changes to the extensive powers given to the Secretary of State in the DPDI Bill. The ICO says it is satisfied with the Bill but EU MEPs gave the Information Commissioner a hard time at a hearing, on 23 May, of the European Parliament’s Committee on Civil Liberties, Justice and Home Affairs (LIBE).
New aspects in the UK DPDI Bill include smart data schemes. Whilst a good idea in principle, as they would save consumers money and time, the devil is in the detail. Existing programmes, such as switching contracts for phones are popular. However, there is a large cost involved to businesses setting them up, and data protection rights need to be ensured in smart data schemes.
The smart data scheme proposals under the Bill are welcome, as long as organisations do not take it as some kind of carte blanche to engage in indiscriminate analytics, our correspondent says. The government is also developing a transport data strategy, which opens up questions about data monetisation and data sharing. These issues and more will be discussed at a PL&B workshop Harnessing Data, Valuing Privacy, on 14 September in London.
Editor, Privacy Laws & Business