Preparing Gambling Operators for ECCTA 2023...
A new provision of the Economic Crime and Corporate Transparency Act 2023 (ECCTA) introduces a significant corporate criminal offence known...
Read MoreBefore the general election, Parliament faced a tight schedule to address pending Bills before being suspended for the election period. This process, known as the ‘wash-up process,’ is designed to expedite remaining legislative work. Unfortunately, the DPDI Bill did not make it through this process.
The bill aimed to establish regulations concerning the access to and processing of personal information, covering areas such as data sharing for law enforcement, information standards for health and social care, and the oversight of biometric data.
It proposed substantial changes and stirred controversy, especially regarding provisions that would allow the Department for Work and Pensions to have increased access to personal financial data to combat benefit fraud, and giving counter-terrorism police the authority to retain biometric data of individuals considered potential threats.
The bill faced numerous questions, comments, and unresolved issues. Controversial elements, such as the Department for Work and Pensions’ proposed bank account access powers, received significant media attention and lacked cross-party agreement, which likely hindered its progress through Parliament. Additionally, concerns were raised about the impact on the EU Adequacy Decision, with many EU Member States viewing the bill as a potential weakening of data protection legislation in the UK and a move towards increased surveillance. Organisations handling personal data of EU residents or providing services to people in the EU would still need to comply with GDPR, potentially leading to a more complex two-tier system.
As we have not taken action or changed policies based on the draft bill, there is no need to adjust current practices. This approach has ensured that valuable time and budget have not been spent unnecessarily, and there is no need to attend a flurry of webinars and courses related to the bill.
As it stands, the Data Protection Officer (DPO) remains a statutory role, and there is no requirement to appoint a board-level Senior Responsible Individual. However, it is beneficial to have someone at board level focused on supporting data protection and information governance compliance. The fines for breaches of Privacy and Electronic Communications (PECR) have not been increased to match those of GDPR, and the Information Commissioner and his Office will not change their format or legal status.
One downside of the DPDI Bill not passing is for those in the not-for-profit sector, as the anticipated relaxation for marketing (also relevant to political parties) will not proceed. Therefore, we need to continue finding other compliant approaches.
Now that the general election is behind us, we can only await whatever any future government decides to do, if anything, about data protection legislation. This means that, for the time being, we continue with our current practices while we await any potential changes a future government might introduce.
It is essential to stay informed and prepared for any updates or adjustments that may come. If you require advice or support on data protection and information governance, please do not hesitate to get in touch. Our team is here to help you navigate these complex regulations and ensure your compliance.
Please contact us on 020 7101 4861 if you think we can help.
Image accreditation: Palace of Westminster (2007) from wikicommonsmedia. Last accessed on 9th July 2024. Available at: https://commons.wikimedia.org/wiki/File:Palace_of_Westminster,_London_-_Feb_2007.jpg
A new provision of the Economic Crime and Corporate Transparency Act 2023 (ECCTA) introduces a significant corporate criminal offence known...
Read MoreBlack Friday, renowned for its retail bargains and record-breaking sales, is increasingly being dubbed “Black Fraud Day” due to the...
Read MoreInsider fraud can strike when you least expect it, causing significant harm to businesses and individuals alike. But how well...
Read More