cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
RichT
Newcomer II

UK Data Reform Bill

I'd be interested in your views on the UK's new Data Reform Bill - especially around cutting down on cookie consent pop-ups.

 

https://www.gov.uk/government/news/new-data-laws-to-boost-british-business-protect-consumers-and-sei...

 

Will it be good for business and target the real privacy nuisances or will it water down existing privacy laws?

 

 

 

 

1 Reply
Steve-Wilme
Advocate II

GDRP and DPA18 do not require organisations 'recruit' a DPO.  That implies that the DPO must be an employee, whereas as external can be an external party contracted to a number of organisations.

 

Having the ICO report to parliament as suggested in the bill, could result in the regulator becoming politically influenced rather than independent from the party in government.

 

The bill also proposes removal of rights, such as, for a legitimate interests assessment being required for the processing of data on minors and the right to object to purely automated decision making.  Given the known biases in ML/AI driven decision making this has the potential to result in unfair discrimination.

 

The New Office for Digital Identities and Attributes in the DCMS sound like a national id scheme via the backdoor.

-----------------------------------------------------------
Steve Wilme CISSP-ISSAP, ISSMP MCIIS