Most everyone has had an embarrassing dream – being in an exam unprepared, or going to school without one’s pants on – and most everyone has had an embarrassing moment in real life too. The advent of mobile technology has made it possible to capture some of those moments forever, and publish them for the world to see. Plus the personal information that has become ubiquitous to life in the modern era is often spread everywhere for others to see. A new Data Protection Bill has been introduced that will provide new and important consent laws for UK residents.
New Proposal Details
The new proposal being outlined by the Digital Minister, Matt Hancock, would provide a means for protecting personal data in the UK that is as stringent as the EU’s GDPR (General Data Protection Regulation). With Brexit, the need for greater levels of data protection in Britain has been made more serious, and the new bill would provide those controls. The rules include provisions including:
- make withdrawing consent for their personal data use simpler
- allow for requests for data to be deleted
- require firms to obtain “explicit” consent for processing personal data
- expand the definition of personal data to include IP addresses, DNA and cookies
- let people get hold of the information organizations hold on them much more freely
The new regulations would go far beyond what already exists in the UK regarding the ‘right to be forgotten’, which makes specific constraints on what can appear in search engines. However, these new regulations, like the GDPR, would provide control over personal data that is held by a wide range of companies.
Additionally, the bill would require substantial fines for violation of the new rules. Currently, the maximum fines for those who violate data protection regulations is 500,000 GBP. However, the new laws would make it possible for firms who violate data protection to be fined as much as 17 million GBP, or 4% of total global profit.
Whether the new regulations become law remains to be seen. However, it will certainly make for interesting debate around how personal and private data should be managed and protected, and some course of action must be taken in the UK, as the EU institutes the GDPR. As protection increases, the risk of those embarrassing moments being made public should reduce substantially.