Phone us
Despite being in its final stages, the DPDI Bill was dropped due to lack of parliamentary time ahead of the July 4th general election. As we enter a new political era, we analyse the potential next steps for data protection legislation.

Before the general election, Parliament faced a tight schedule to address pending Bills before being suspended for the election period. This process, known as the ‘wash-up process,’ is designed to expedite remaining legislative work. Unfortunately, the DPDI Bill did not make it through this process.

Features of the DPDI Bill

The bill aimed to establish regulations concerning the access to and processing of personal information, covering areas such as data sharing for law enforcement, information standards for health and social care, and the oversight of biometric data.

It proposed substantial changes and stirred controversy, especially regarding provisions that would allow the Department for Work and Pensions to have increased access to personal financial data to combat benefit fraud, and giving counter-terrorism police the authority to retain biometric data of individuals considered potential threats.

Good or Bad?

The bill faced numerous questions, comments, and unresolved issues. Controversial elements, such as the Department for Work and Pensions’ proposed bank account access powers, received significant media attention and lacked cross-party agreement, which likely hindered its progress through Parliament. Additionally, concerns were raised about the impact on the EU Adequacy Decision, with many EU Member States viewing the bill as a potential weakening of data protection legislation in the UK and a move towards increased surveillance. Organisations handling personal data of EU residents or providing services to people in the EU would still need to comply with GDPR, potentially leading to a more complex two-tier system.

As we have not taken action or changed policies based on the draft bill, there is no need to adjust current practices. This approach has ensured that valuable time and budget have not been spent unnecessarily, and there is no need to attend a flurry of webinars and courses related to the bill.

Key Considerations

As it stands, the Data Protection Officer (DPO) remains a statutory role, and there is no requirement to appoint a board-level Senior Responsible Individual. However, it is beneficial to have someone at board level focused on supporting data protection and information governance compliance. The fines for breaches of Privacy and Electronic Communications (PECR) have not been increased to match those of GDPR, and the Information Commissioner and his Office will not change their format or legal status.

One downside of the DPDI Bill not passing is for those in the not-for-profit sector, as the anticipated relaxation for marketing (also relevant to political parties) will not proceed. Therefore, we need to continue finding other compliant approaches.

What Happens Next?

Now that the general election is behind us, we can only await whatever any future government decides to do, if anything, about data protection legislation. This means that, for the time being, we continue with our current practices while we await any potential changes a future government might introduce.

It is essential to stay informed and prepared for any updates or adjustments that may come. If you require advice or support on data protection and information governance, please do not hesitate to get in touch. Our team is here to help you navigate these complex regulations and ensure your compliance.

Please contact us on 020 7101 4861 if you think we can help.

 

Image accreditation: Palace of Westminster (2007) from wikicommonsmedia. Last accessed on 9th July 2024. Available at: https://commons.wikimedia.org/wiki/File:Palace_of_Westminster,_London_-_Feb_2007.jpg

In case you missed it...

IT Outage
Worldwide IT Outage: Rethinking Resiliency

If you’ve been following today’s news, you'll be aware of the massive IT outage worldwide which has grounded flights, forced some broadcasters off...

Read More
Starting out in the Cyber Security...

Over the past years, AJC has been fortunate to experience considerable growth. As a natural step to support this, AJC...

Read More
Visa Acquirer Monitoring Programme Changes 2024:...

Visa is changing its compliance framework with the updated Visa Acquirer Monitoring Programme (VAMP) which will affect European merchants, acquirers,...

Read More

Get in touch

    By submitting this form you are consenting that your data be handled in accordance with our Privacy Notice and we will be in touch regarding your enquiry.