Dorries outlines new data laws to replace GDPR

UK start-ups which focus on the environment and other sustainable development raised £2.3 billion this year, after a wave of investment in UK clean energy companies.

Nadine Dorries has continued to pave the way for the post-Brexit digital landscape this evening, emphasising the UK’s departure from EU bureaucracy.

In its fresh consultation released tonight, the government have set out how the Data Reform Bill announced in this year’s Queen’s Speech will strengthen the UK’s data protection standards while reducing burdens on businesses to deliver around £1bn in cost savings for firms across the country.

Since the European Union’s complex General Data Protection Regulation (GDPR) was brought in four years ago, many businesses have complained about its lack of clarity, and ‘box-ticking’ nature. It is also argued that the one-size-fits-all European approach puts disproportionate burdens on startups and scale ups.

By contrast, the new bill will remove the UK GDPR’s prescriptive requirements – including the need for certain organisations to undertake lengthy impact assessments.

Digital Secretary Nadine Dorries said the new laws would make it easier to “unlock the power of data to grow the economy and improve society”.

Isabel Simpson, Global Data Protection Lead for KPMG Law praised the government move, and told media: “It is right to have controls in place that are appropriate for the size and type of organisation, rather than a blanket approach”.

However, she did emphasise that firms need to take note of the Information Commissioner’s Office’s objectives and ensure that their privacy management programmes meet updated regulatory expectations.

Partner at Addleshaw Goddard Ross McKenzie was less sympathetic to the new measures, saying: “The shadow of the EU GDPR will still loom large over UK businesses that operate across the EU and UK”.

Indeed, compliance with the EU rules will still be required for EU operations and where UK companies process EU data in the UK, meaning that the new measures won’t benefit many multinational companies.

“Many businesses will struggle to benefit from a twin regime when trying to manage data protection compliance in a consistent and uniform way.”

The bill will also hike financial penalties for nuisance calls and minimise cookie pop-ups for users.