New data laws to cut down pointless paperwork for businesses and reduce annoying cookie pops-up

The UK government is introducing new data laws in Parliament today that aim to reduce pointless paperwork for businesses and minimise annoying cookie pop-ups, according to a government press release.

The Data Protection and Digital Information Bill was first introduced in the summer of 2022 and paused in September of that year so that ministers could co-design the new regime with business leaders and data experts.

The new laws will take the best elements of the General Data Protection Regulation (GDPR) and provide businesses with more flexibility about how they comply with the new data laws, all while maintaining the UK’s high standards for data protection and privacy.

The updated bill will simplify the data protection regime, provide businesses with greater flexibility, and reduce the amount of paperwork required to demonstrate compliance.

The new regime will also ensure data adequacy with the EU and maintain international confidence in the UK’s data protection standards.

The bill is expected to unlock £4.7 billion in savings for the UK economy over the next ten years, with data-driven trade generating 85% of the UK’s total service exports and contributing an estimated £259 billion to the economy in 2021.

The bill will increase fines for nuisance calls and texts to up to 4% of global turnover or £17.5 million, whichever is greater.

It aims to reduce the number of consent pop-ups that individuals see online, which allow websites to collect data about an individual’s visit.

The bill will also establish a framework for the use of trusted and secure digital verification services, allowing customers to create certified digital identities that make it easier and quicker for people to prove things about themselves.

The new laws will clarify the circumstances in which robust safeguards apply to automated decision-making, increasing public and business confidence in AI technologies.

Innovative technologies like AI and Quantum computing often rely on automated decision making, where significant decisions are made about people with no human involvement, or profiling, where an automated process analyses or predicts aspects about a person.

The bill ensures that the right safeguards are in place for people about whom those decisions are taken, and they will be made aware when such decisions are made and can challenge and seek human review when those decisions may be inaccurate or harmful.

TechUK CEO Julian David welcomed the new targeted package of reforms to the UK’s data protection laws, which will build consumer trust in the digital economy while maintaining robust privacy protections.

Chris Combemale, chair of the DPDI Business Advisory Group and CEO of the Data & Marketing Association (DMA UK), said that the bill should act as a catalyst for innovation and growth, while maintaining robust privacy protections across the UK.

John Edwards, UK Information Commissioner, welcomed the reintroduction of the Data Protection and Digital Information Bill and said that data protection law needs to give people confidence to share their information to use the products and services that power our economy and society.