The UK has unveiled details for its new Data Protection Bill, and while it is largely in line with European Union rules, there is also some substance to it (for once).
What we have become used to from governments is a relatively light-weight set of rules which are constantly playing catch-up with technological developments. Many of the rules surrounding communications in today’s society are based on laws passed in the 80s and 90s, prior to smartphone and cloud revolutions, making them largely irrelevant. But this latest move to update the UK does have some weight behind it.
“The new Data Protection Bill will give us one of the most robust, yet dynamic, set of data laws in the world,” said Matt Hancock, Minister of State for Digital. “The Bill will give people more control over their data, require more consent for its use, and prepare Britain for Brexit. We have some of the best data science in the world and this new law will help it to thrive.”
The Government has claimed the majority of people are not confident over the security of their data, though whether this is due to a lack of education or a lack of protection from a legal perspective is unknown. That said, the new rules aim to put control of personal information back in the hands of the consumer.
It is a question which is becoming louder every day, but is still to be answered; who owns data when it comes to online interactions? Does Facebook own information you have provided to access the platform? Can telcos resell information to third-parties? When does the consumer lose ownership of sensitive information?
It is certainly a complicated one, and the ripples could be far ranging when it comes to online business models. If companies no-longer possess the capability to store and resell personal information, will they be able to operate? Some internet businesses are built on this concept; the consumer gets free services on the condition that consumers online identity can be used to fuel the digital economy. The next question which will needed to be asked is will these laws destroy such business models meaning we revert to the days of paywalls?
Perhaps this is something which the general population does not realise. They want something for free, but aren’t happy to give away their personal information. One of those conditions needs to change if the digital economy is to succeed in how it is currently envisioned.
The Data Protection Bill, does cover quite a few areas quite extensively:
- Consumers can withdraw consent for the use of personal data
- It will make it simpler for consumers to request their personal data held by companies to be erased
- Parents will be able to allow for their child’s data to be used
- Require explicit permission for data to be used. Essentially moving away from the idea of ‘opt-out’ and more forcefully require ‘opt-in’ conditions
- Expand the definition of personal information to include things such as IP addresses
- Make it simpler for a consumer to find out what information is being held on them by an organization
- Make is easier to move data to somewhere else
There are certainly some good ideas, and in theory it does allow the consumer to gain more control, but there are a few complications. Aside from the idea mentioned above, not many people will know who has data on them. Of course there are the easy ones, banks for instance, or whoever does your car insurance, but what about games you downloaded twelve months ago on your smartphone. No-one will be able to control their personal information entirely, because no-one really knows who is storing information on them.
What the bill looks like now will probably change quite considerably over the next couple of months, but to our surprise, it’s not a bad attempt. Even if most of it has been pinched from European Union rules.