The UK’s Data Protection and Digital Information (No. 2) Bill was introduced on 8 March 2023 and marks the recommencement of plans to reform the UK’s post-Brexit data protection framework. Notably, we saw the withdrawal of the Data Protection and Digital Information Bill (‘Bill No. 1’) on the same date, as Bill No.1, introduced back in 18 July 2022, was paused to allow ministers to engage in a co-design process with business leaders and data experts.
The new bill consists of six parts and covers data protection, digital verification, customer and business data, digital information, and oversight and enforcement. It seeks to ensure data adequacy while moving away from the ‘one-size-fits-all’ approach of the EU GDPR as it introduces changes to build a more business-friendly framework for its data laws.
In this webinar we’ll discuss some of the major changes the bill introduces as well as key provisions organizations should be made aware of, including the following:
- major changes between the two UK bills
- material changes in comparison with the EU GDPR
- material impact of amendments to UK data transfers provisions
- potential implications for government access to personal information in line with the new law enforcement and intelligence provisions
- expanded role of the ICO
- potential impact on UK Adequacy
- what the digital verification framework means for companies in practice
- impact of the customer and business data obligations on companies