The British public could be set to receive more control of their personal data under new laws that could also see UK firms hit in the pocket for millions, if they suffer data breaches.
The new Data Protection Bill includes proposals that will make it simpler for people to withdraw consent for the use of their personal data, enable people to ask for their data to be deleted, expand personal data to include IP addresses, DNA and cookies, let people get hold of their information from organisations more easily, enable parents and guardian to give consent for the use of their child’s data, and more.
“Our measures are designed to support businesses in their use of data, and give consumers the confidence that their data is protected and those who misuse it will be held to account,” said Matt Hancock, Minister of State for Digital.
“The new Data Protection Bill will give us one of the most robust, yet dynamic, set of data laws in the world. The Bill will give people more control over their data, require more consent for its use, and prepare Britain for Brexit. We have some of the best data science in the world and this new law will help it to thrive.”
The proposals will also see UK firms fined up to £17m, or four per cent of global turnover, if they suffer a serious data breach – a huge increase from the current maximum of $500,000.
The Bill is very much seen as a tie-in to the upcoming implementation of the EU’s General Data Protection Regulation (GDPR), and only natural to have a UK law in place that mimics the GDPR – with the UK slowly edging toward the EU’s exit door.
“We are pleased the government recognises the importance of data protection, its central role in increasing trust and confidence in the digital economy and the benefits the enhanced protections will bring to the public,” said Elizabeth Denham, information commissioner.