03/10/2023 | News release | Distributed by Public on 03/10/2023 04:14
Published 10 March 2023
It has been a busy week for privacy professionals. The Government has published the second iteration of its proposals to reform the UK General Protection Regulation in the form of the Data Protection and Digital Information (No.2) Bill ("DPDI (No.2) Bill"). The original iteration of the Bill, published last year, will proceed no further.
Like its predecessor, the DPDI (No.2) Bill is intended to update and simplify the data protection framework in the UK, with the aim of reducing burdens and associated costs on organisations while maintaining high data protection standards.
There are targeted measures to reduce administration and compliance costs for business, in an effort to advance, in the Government's words, a 'common-sense' version of the UK GDPR.
Speaking at the IAPP Data Protection Intensive, Michelle Donelan (Secretary of State, Department for Science, Innovation and Technology) said the DPDI (No.2) Bill is "not a step back, but a massive step forward…it is a constructive progression of the EU GDPR and one that we hope will be an example for the rest of the world".
As with the original draft, rather than replacing existing UK data protection legislation, the DPDI (No.2) Bill amends the UK's existing and retained version of the EU General Data Protection Regulation ("UK GDPR") and Data Protection Act 2018 ("DPA 2018"), meaning that readers need to cross refer between the relevant content.
We will provide a detailed analysis of the proposals in the coming weeks, and provide updates at regular intervals as they progress through Parliament over the coming months. An initial summary of the key proposals, both new and retained from the original iteration of the Bill, is set out below:
The DPDI (No.2) Bill:
Maintains proposals to replace the office of the "Information Commissioner" with a new body, the "Information Commission". The Commission will consist of members appointed by the Secretary of State, or any such members appointed by those on the Commission already. It also maintains new measures to strengthen the role of the Information Commissioner, including a new principal objective and duties. The Commissioner will be required to publish a forward looking strategy document for carrying out its functions, and have regard to a statement of strategic priorities published by the Secretary of State.
The draft DPDI (No.2) Bill will now proceed to the second reading stage, which is expected to take place within the next few weeks. The subsequent committee stage will involve a detailed examination of the Bill, and parliamentarians will be able to propose amendments, and evidence may be taken from experts and interest groups.