The British government is proposing changes to the local General Data Protection Regulation standards, or UK GDPR, as it reacts to the advent of newer technologies such as artificial intelligence (AI), the Internet of Things (IoT), and big data.
The government wants to responsibly shape these innovations to bring tangible benefits to people by improving lives, creating jobs, and contributing to a fairer society. The authorities recently looked to seek feedback from businesses and other organizations on proposed changes to the UK GDPR, giving a deadline for a reply of November 19.
UK Government personal and corporate data protection aims
The government goals include strengthening corporate responsibility for personal data protection, using data to cope with the COVID19 pandemic, and ensuring the UK’s status as a global hub for the free and responsible flow of personal data.
Unlocking the power of data is also one of the government’s top 10 technology priorities. The recently published National AI Strategy also underscores the importance of this consultation and the role of data protection for broader AI governance.
Therefore, UK employers should keep a lookout for possible changes in data transfer and privacy regulations. This includes new fines for firms that violate the rules. Failure to comply with UK data protection laws could result in a fine of £17.5 million (US$ 23.47 million), or 4% of the company’s total annual worldwide sales.
Concerns and issues raised in ICO
The Information Commissioner’s Office (ICO) currently devotes a significant portion of its resources to handling a large number of enquiries and complaints from the public about data protection. In 2020/21, the ICO received 36,607 new complaints, only a slight decrease from the 38,514 in 2019/2,0 and more than they received in 2018/19.
According to the UK GDPR and the Data Protection Act 2018, there is currently no threshold for filing a complaint with the ICO, which contrasts internationally to other regulations such as the New Zealand Privacy Act (2020). In addition, in its investigations into alleged violations of the data protection regime, the ICO was sometimes faced with the challenge of providing timely and sufficiently detailed information from organizations about the technical and organizational measures implemented and the corrective measures in the future.
Away from UK GDPR Data – a new direction
The reforms outlined in this consultation will:
- Strengthen UK’s position by simplifying the data used by researchers and developers of artificial intelligence and other cutting-edge technologies.
- Build on the use of unprecedented and lifesaving data to tackle COVID19 -pandemic.
- Secure the UK’s status as the global hub for the free and responsible flow of personal data to complement their ambitious plan for new trade deals and data partnerships with some of the world’s fastest-growing economies.
- Reinforce the responsibility of companies to protect personal data while at the same time enabling growth and innovation.
- Ensure that the ICO remains a world-leading regulator, enabling people to use data responsibly to achieve economic and social goals.
Responsible Data Usage
Protecting people’s data must be at the heart of the UK’s new regime; without the public’s trust, the government will risk losing the benefits of a society driven by responsible data usage. And although it’s not an obstacle to innovation or trade, regulatory certainty, and high data protection standards enable companies and consumers to succeed and thrive.