A proposed new law will strengthen the U.K.’s information privacy rules and bring the country in line with EU law, ensuring the free flow of information between Europe and the U.K. after Brexit.
The proposed law updates the U.K.’s Data Protection Act, which hasn’t changed since 1998, when internet use was in its infancy and social media didn’t exist. It will allow citizens to withdraw consent for companies to use their personal data and to request deletion of any information they posted before the age of 18, imposing substantial fines for companies that refuse without good reason.
“The new Data Protection Bill will give us one of the most robust, yet dynamic, set of data laws in the world,” said the U.K.’s Digital Minister Mark Hancock. It will “give consumers the confidence that their data is protected and those who misuse it will be held to account.”
The country hopes to pass the bill well before May 25, 2018, when the EU’s General Data Protection Regulation (GDPR)—which contains many of the same provisions—becomes effective. Under EU law, personal data can only be transferred to a third country where an adequate level of protection is guaranteed.
For a look at how the new law works, and how to prepare for it, read the full blog article.
Paul Sutton manages Radius’ Legal Advisory group. His areas of expertise include data protection, anticorruption, and intellectual property. Based in London, he was named one of the U.K.’s Top 50 lawyers specializing in technology, intellectual property, and related matters.