Plans for a new UK data protection regime have been confirmed in the Queen’s Speech.
Presented to Parliament by Prince Charles, the speech includes a brief reference to the Government’s earlier proposals to develop an alternative to the EU General Data Protection Regulation (GDPR).
It has indicated a desire for a more flexible approach that does not rely on what it has described as the “box ticking” of GDPR.
Proposals for public services included a clarification of what health data public and private bodies could lawfully process, and to improve cross-sector working on operations relevant to national security.
The published background notes to the speech provide little detail on the future bill, but say its purpose is to create a new trusted data protection framework that reduces burdens on businesses and supports scientific innovation, and increase industry participation in smart data schemes to give citizens more control of their data.
One of the intended benefits is to support the effective use of data in public healthcare, security and government services.
Future for ICO
The notes also refer to modernising the Information Commissioner’s Office (ICO), making it accountable to Parliament and the public. The consultation the Government ran last year included proposals for ICO to work within strategic priorities set by the Department for Digital, Culture, Media and Sport under an independent board and chief executive officer.
IT industry association techUK welcomed the announcement, albeit a cautionary note.
Its CEO Julian David said: "Developing a clearer, more trusted, and innovation enabling data governance system is one of the most obvious opportunities of Brexit.
"New legislation should deliver changes to the law to clarify the legal basis for how data can be re-used for research and innovation, as well as introduce an exhaustive list of activities where data can be more easily accessed to help companies innovate. For example, making it easier for companies to prevent algorithmic bias and take more effective action to prevent fraud.
"However, any changes need to maintain the high standards of UK data protection law. Achieving this will mean the UK can continue international data partnerships such as with the EU."
