Preiskel & CoPreiskel & Co
Preiskel & Co
A boutique law firm in London
  • Home
  • About Us
    • Diversity, Social Responsibility, and Pro Bono
  • Services
    • Corporate
    • Commercial
    • Regulatory
    • Competition & Antitrust
    • Data Protection, Privacy, and Retention
    • Intellectual Property
    • Dispute Resolution
    • Employment
  • Sectors
    • Telecommunications
    • IT, Technology, & Internet
    • Media and Broadcasting
    • Websites, Blogging, & Social Media
    • Film & Television
    • Gambling & Online Gaming
    • Leisure & Retail
    • Energy & Minerals
    • Cryptocurrency & Blockchain
    • Creative Industries
  • People
    • Daniel Preiskel
    • Ronnie Preiskel
    • Tim Cowen
    • Jose Saras
    • Robert Dougans
    • Karthyaeni Vittala
    • Tina Cowen
    • Xavier Prida
    • Martina Raciti
    • Ewelina James
    • Rachael Machado
    • Maria Constantin
    • Peter Dally
    • Richard Stewart
    • Joanna Coombs-Huang
    • Paul Stelges
    • Hannah Leader
    • Alison MacFarlane
    • Ilanit Appelfeld
    • Daniel Oakland
    • Sophia Yakhno
    • Sue Warwick
    • D A T Green
    • Antony Corel
    • Stewart White
    • Mor Swiel
    • Stephen Hornsby
    • Tony Curzon-Price
    • Robert Harvey
    • Shardi Shameli
  • International
  • Blog
  • News
    • Publications
  • Contact
Menu back  

UK Government’s Data Reform Bill – Progress Currently Paused

June 22, 2022By Preiskel & Co

On the 5th of September 2022, the House of Commons announced in the business statement (found here) that the progress of the Data Protection and Digital Information Bill will be paused following the appointment of the new Prime Minister, to “allow Ministers to consider the legislation further”. We will continue to monitor the status of this bill.

On the 16th of June 2022, the Department of Media, Culture & Sport (“DCMS”) detailed the response to last year’s consultation on data protection law reform. The Data Reform Bill focuses on eliminating what was descried as “red tape and pointless paperwork”, lowering the barrier for personal data to be used in scientific research, and restructuring the Information Commissioner’s Office (“ICO”). While a copy of the Bill has not yet been published, the press release reveals that the Bill aims to cover the following:

  1. Remove the consent requirement for cookies for a small number of purposes, which have not yet been set out. Consent requirement for analytics cookies will be removed, as they will be treated similarly to “strictly necessary” cookies. Consent requirements will be removed for all cookies when automated technology is widely available to help users manage online preferences.
  2. Create a limited list of “legitimate interests” for processing, for which organisations will not need to apply a balancing test. This proposal will proceed but with a narrower list than suggested in the initial consultation.
  3. Remove the requirement for a Data Protection Impact Assessments under Article 35 GDPR, an Article 30 GDPR Records of Processing and mandatory DPOs under Articles 37 to 39 GDPR. Instead, organisations should have a “privacy management programme”, which covers appointing a suitable senior individual responsible for the programme, ensuring organisations implement risk assessment tools which help assess, identify and mitigate risks, and a more flexible record keeping requirement.
  4. Implement changes to processing personal data for scientific research. This would include creating a statutory definition of “scientific research”, and incorporating broad consent for scientific research.
  5. Introduce a cost ceiling for complying with a subject access request, and amend the threshold for refusing to comply with a subject access request from ‘manifestly unfounded or excessive’ to ‘vexatious or excessive’.
  6. Extend the ‘soft opt-in’ so that it can be relied on by non-commercial organisations, campaign groups and political parties.
  7. Increase fines for non-compliance with PECR to GDPR levels.
  8. Regarding the ICO, changes include:
    1. amending the process for issuing penalties, such as the power to compel witnesses to answer questions in investigations;
    2. removing the requirement for Prior Consultation with the ICO on high-risk processing;
    3. giving the ICO new, ‘clearer’ objectives, requiring consideration of economic growth, innovation and competition when making assessments.

DCMS also announced that it does not plan to implement several proposals from the initial consultation, such as introducing a nominal fee for subject access requests, raising the threshold for personal data breach reporting, and removing the restrictions on automated decision-making under Article 22 GDPR.

See more on the press release here and the consultation outcome here.

Please contact Jose Saras if you have any questions regarding the above.

The material contained in this article is only for general review of the topics covered and does not constitute any legal advice. No legal or business decision should be based on its content.

Latest Preiskel & Co blog posts
  • CMA AI Report: The Foundation of the UK’s AI Response
    September 21, 2023
  • Navigating Health Data Compliance: A Roadmap for Employers
    September 21, 2023
  • Transatlantic convergence? Recent cases on advertising and privacy from the USA and UK
    September 15, 2023
  • Practical Guide – Net Neutrality in the UK
    September 14, 2023
  • Virgin succeeded in defending a claim by EE for loss of EE’s profits caused by Virgin’s breach of the MVNO Exclusivity Clause
    September 12, 2023
  • Getting out of a (data) scrape: global statement published for the protection of publicly accessible personal data online
    September 8, 2023
  • The dark side of design: the ICO and CMA call for businesses to rethink their website layouts
    August 18, 2023
  • Could the Supreme Court’s ruling on litigation funding agreements cause havoc for litigation funders?
    August 17, 2023
  • US Threats of a ‘Te(ch)xodus’ from the UK?
    August 17, 2023
  • Smoother Sailing for EU-US Data Transfers after GDPR Adequacy Decision
    August 4, 2023
  • Unlocking Data Flows: EU-US Data Privacy Framework Receives Adequacy Decision
    July 13, 2023
  • UK’s World Leading Approach on Artificial Intelligence – White Paper outlines 5 guideline principles for responsible use of AI
    July 5, 2023

The Preiskel Blog

  • CMA AI Report: The Foundation of the UK’s AI Response 21 Sep 2023
  • Navigating Health Data Compliance: A Roadmap for Employers 21 Sep 2023
  • Transatlantic convergence? Recent cases on advertising and privacy from the USA and UK 15 Sep 2023
  • Practical Guide – Net Neutrality in the UK 14 Sep 2023

Preiskel news

  • Practical Guide – Net Neutrality in the UK
  • Danny Preiskel featured in GCCM Magazine (June/July 2023 issue 55)  
  • Danny Preiskel moderating a panel at the MEF Connects – The Future of Fraud Prevention event (5th September 2023, hybrid)
  • Preiskel & Co advised TMT Analysis on the acquisition of Phronesis Technologies
Preiskel & Co LLP
4 King's Bench Walk,
Temple,
London
EC4Y 7DL
United Kingdom

Tel: +44 20 7332 5640
Email: info@preiskel.com

Find us on:

TwitterLinkedinMail
© Preiskel & Co LLP 2023 | Site map | Legal notices | Cookie Policy | Privacy