British Data Law – The new proposals

The Government has outlined new plans for British data law, which it claims will give researchers more flexibility to conduct life-saving scientific research and deliver breakthroughs to improve people’s lives, while also saving businesses around £1 million.

The new savings will be delivered via a clampdown on bureaucracy, red tape and ‘pointless paperwork’, which plagues the current data control and processing procedures.

However, alongside the benefits of the new law, the Government has also warned that firms who hound people with nuisance calls face tougher fines.

Highlighting the importance of data in the UK economy, the launch of the new Data Reform Bill revealed that data-driven trade “generated nearly three-quarters of the UK’s total service exports and generated an estimated £234 billion for the economy in 2019”.

The new Bill is being created to strengthen the UK’s high data protection standards, while reducing any burdens on businesses.

Here are some of the proposals put forward:

Reducing the burden on businesses – The Bill will aim to clarify the highly complex General Data Protection Regulation (GDPR) by removing the prescriptive requirements giving organisations little flexibility about how they manage data risks.

This includes the need for organisations, such as small businesses, to have a dedicated Data Protection Officer (DPO) or undertake lengthy impact assessments.

While the same high data protection standards will remain, many organisations will be given the flexibility to determine how they meet these standards.

Tackling unnecessary cookies – As well as taking on nuisance callers, the Bill aims to simplify the collection of cookies by updating the Privacy and Electronic Communications Regulations (PECR) so that the number of user consent pop-ups and banners on websites are reduced.

This will be achieved by a new opt-out model for cookies, which will reduce the need for users to click through consent banners on every website they visit.

This will allow internet users to set an overall approach to how their data is collected and used online, predominantly through the web browser that they use.

Businesses need to be aware that the increased fines for nuisance calls and texts and other serious data breaches under the UK’s existing PECR will increase from the current maximum of £500,000 and be brought in line with current UK GDPR penalties, which are up to four per cent global turnover or £17.5 million, whichever is greater.

Information Commissioner’s Office – The organisation of the ICO will be modernised and improved to make sure it remains an internationally renowned regulator.

This will include introducing “a wider set of skills to support robust decision-making and broaden the legal responsibility underpinning the ICO’s work, which currently sits solely with the role of Information Commissioner”.

A new set of objectives for the regulator will also help Parliament and the public holds the regulator to account.

If you need advice on existing data law compliance, get in touch with our experts today.

Contact us

Complete the below form and a member of our team will get back to you

If you would like to see full details of our data practices please visit our Privacy Policy and if you have any questions please email