This morning the UK Government announced further details of their plans to implement the EU’s General Data Protection Regulation (GDPR) into UK law. Initially proposed in the Queen’s Speech, today’s ‘statement of intent’ which committed to introducing a new Data Protection Bill outlined some additional details on the right to erasure and the citizens’ general controls over their personal data online.
These plans, to strengthen and update existing regulation, develop the importance of consent in how personal data is collected online, expand the definition of personal data and allow for personal data held by companies to be erased. These are all positive steps, but they cannot be fully scrutinised until the full Bill is released.
It is worth remembering that this is nothing new; the EU-wide GDPR is due to come into force in May 2018. The GDPR will expand and extend the current data protection requirements and give everyone a raft of rights to introduce a little more control over when, how and why your data should be used. It will apply to every EU Member State, every EU citizen and any organisation which provides a service or goods to an EU citizen. You can read our blog here on what it will entail, but it is reassuring that the legislation is being brought through in the pre-Brexit period.
We look forward to reading the full legislation when it is released, but today’s announcement seems like a step in the right direction towards greater data protection online. In the current age, greater control over our own data is vital for online privacy.
In the coming weeks we will be releasing a series of Factsheets, which will provide an overview of the new legislation.