Preiskel & CoPreiskel & Co
Preiskel & Co
  • Home
  • About Us
    • Diversity, Social Responsibility, and Pro Bono
  • Services
    • Corporate
    • Commercial
    • Regulatory
    • Competition & Antitrust
    • Data Protection, Privacy, and Retention
    • Intellectual Property
    • Dispute Resolution
    • Employment
  • Sectors
    • Telecommunications
    • IT, Technology, & Internet
    • Media and Broadcasting
    • Websites, Blogging, & Social Media
    • Film & Television
    • Gambling & Online Gaming
    • Leisure & Retail
    • Energy & Minerals
    • Cryptocurrency & Blockchain
    • Creative Industries
  • People
    • Daniel Preiskel
    • Ronnie Preiskel
    • Tim Cowen
    • Jose Saras
    • Robert Dougans
    • Karthyaeni Vittala
    • Tina Cowen
    • D A T Green
    • Richard Stewart
    • Mor Swiel
    • Ilanit Appelfeld
    • Stephen Dnes
    • Daniel Oakland
    • Robert Harvey
    • Martina Raciti
    • Joanna Coombs-Huang
    • Xavier Prida
    • Stewart White
    • Alison MacFarlane
    • Hannah Leader
    • Peter Dally
    • Antony Corel
    • Sue Warwick
    • Tony Curzon-Price
    • Shardi Shameli
    • Stephen Hornsby
    • Ewelina James
    • Maria Constantin
    • Sophia Yakhno
    • Rachael Machado
  • International
  • Blog
  • News
    • Publications
  • Contact
Menu back  

UK Government’s Data Reform Bill – Progress Currently Paused

June 22, 2022By Preiskel & Co

On the 5th of September 2022, the House of Commons announced in the business statement (found here) that the progress of the Data Protection and Digital Information Bill will be paused following the appointment of the new Prime Minister, to “allow Ministers to consider the legislation further”. We will continue to monitor the status of this bill.

On the 16th of June 2022, the Department of Media, Culture & Sport (“DCMS”) detailed the response to last year’s consultation on data protection law reform. The Data Reform Bill focuses on eliminating what was descried as “red tape and pointless paperwork”, lowering the barrier for personal data to be used in scientific research, and restructuring the Information Commissioner’s Office (“ICO”). While a copy of the Bill has not yet been published, the press release reveals that the Bill aims to cover the following:

  1. Remove the consent requirement for cookies for a small number of purposes, which have not yet been set out. Consent requirement for analytics cookies will be removed, as they will be treated similarly to “strictly necessary” cookies. Consent requirements will be removed for all cookies when automated technology is widely available to help users manage online preferences.
  2. Create a limited list of “legitimate interests” for processing, for which organisations will not need to apply a balancing test. This proposal will proceed but with a narrower list than suggested in the initial consultation.
  3. Remove the requirement for a Data Protection Impact Assessments under Article 35 GDPR, an Article 30 GDPR Records of Processing and mandatory DPOs under Articles 37 to 39 GDPR. Instead, organisations should have a “privacy management programme”, which covers appointing a suitable senior individual responsible for the programme, ensuring organisations implement risk assessment tools which help assess, identify and mitigate risks, and a more flexible record keeping requirement.
  4. Implement changes to processing personal data for scientific research. This would include creating a statutory definition of “scientific research”, and incorporating broad consent for scientific research.
  5. Introduce a cost ceiling for complying with a subject access request, and amend the threshold for refusing to comply with a subject access request from ‘manifestly unfounded or excessive’ to ‘vexatious or excessive’.
  6. Extend the ‘soft opt-in’ so that it can be relied on by non-commercial organisations, campaign groups and political parties.
  7. Increase fines for non-compliance with PECR to GDPR levels.
  8. Regarding the ICO, changes include:
    1. amending the process for issuing penalties, such as the power to compel witnesses to answer questions in investigations;
    2. removing the requirement for Prior Consultation with the ICO on high-risk processing;
    3. giving the ICO new, ‘clearer’ objectives, requiring consideration of economic growth, innovation and competition when making assessments.

DCMS also announced that it does not plan to implement several proposals from the initial consultation, such as introducing a nominal fee for subject access requests, raising the threshold for personal data breach reporting, and removing the restrictions on automated decision-making under Article 22 GDPR.

See more on the press release here and the consultation outcome here.

Please contact Jose Saras if you have any questions regarding the above.

The material contained in this article is only for general review of the topics covered and does not constitute any legal advice. No legal or business decision should be based on its content.

Latest Preiskel & Co blog posts
  • Issues in the UK’s forthcoming Digital Markets, Competition and Consumer Bill
    March 17, 2023
  • Stormy weather for cloud computing in the EU
    March 16, 2023
  • Inmarsat Takeover Provisionally Cleared for Take-Off
    March 10, 2023
  • EDPB’s Feedback on the New EU-U.S. Data Privacy Framework
    March 6, 2023
  • UK Data Reform Bill to return to the House of Commons
    March 3, 2023
  • DCMS Publishes New Security and Privacy Principles for App Store Operators and Developers
    February 16, 2023
  • DPO’s Dismissal & Conflicts of Interest Under The EU GDPR – CJEU Ruling
    February 14, 2023
  • ICO – Change of Deadline for Reporting Breach Notifications for Communication Service Providers
    February 6, 2023
  • General EU Requirements for Cookie Banners – EDPB Task Force Report
    January 27, 2023
  • Ofcom Launches Investigation into BT Following Suspected Breaches of Consumer Protections Post Implementation of EECC
    January 27, 2023
  • Important decision impacting how companies must provide personal data requested by data subjects under their access rights
    January 19, 2023
  • NIS 2 Directive – Enhanced Common Level Cybersecurity Across the EU
    January 12, 2023

The Preiskel Blog

  • Issues in the UK’s forthcoming Digital Markets, Competition and Consumer Bill 17 Mar 2023
  • Stormy weather for cloud computing in the EU 16 Mar 2023
  • Inmarsat Takeover Provisionally Cleared for Take-Off 10 Mar 2023
  • EDPB’s Feedback on the New EU-U.S. Data Privacy Framework 6 Mar 2023

Preiskel news

  • Senior Partner, Danny Preiskel, quoted by IT Pro on the costs incurred by MNOs
  • Senior Partner, Danny Preiskel, will be a panellist at GCCM Carrier Community 2023 on IOT
  • Jose Saras and Xavier Prida Awarded First Place as Data Protection Thought Leaders in the UK
  • Ronnie Preiskel chosen to judge 24 May 2023 The Tech Capital Global Awards
Preiskel tweets
  • Stormy weather for cloud computing in the EU. Find out more at: https://t.co/dOpC8u4wLf4 days ago
  • Senior Partner, Danny Preiskel, quoted by IT Pro on the costs incurred by MNOs. Find out more at: https://t.co/ypgfkhmwLc6 days ago
  • Inmarsat Takeover Provisionally Cleared for Take-Off. Please see further at: https://t.co/Yov4dhP51W10 days ago
Preiskel & Co LLP
4 King's Bench Walk,
Temple,
London
EC4Y 7DL
United Kingdom

Tel: +44 20 7332 5640
Email: info@preiskel.com

Find us on:

TwitterLinkedinMail
© Preiskel & Co LLP 2023 | Site map | Legal notices | Cookie Policy | Privacy