New data protection guidelines being set out by the government will allow British citizens to delete personal data
A new overhaul of UK data protection law will allow people to have personal information about themselves deleted on request.
Companies who fail to delete information will face fines of up to £17million, in the case of serious data breaches, from the UK’s data protection watchdog.
The move will bring many points of the EU’s General Data Protection Regulation (GDPR) into British Law.
Digital Minister Matt Hancock, who is drafting the bill, explained the benefits of the new rules:
“The new Data Protection Bill will give us one of the most robust, yet dynamic, set of data laws in the world.
“The Bill will give people more control over their data, require more consent for its use, and prepare Britain for Brexit.”
“We have some of the best data science in the world and this new law will help it to thrive.”
Aims of the bill
The new bill hopes to improve personal data security in several ways:
- Make it easier for consent to be withdrawn for the use of data.
- Require ‘explicit’ consent for the processing of sensitive data.
- Expand the definition of ‘personal data’.
- Make it easier for data to be deleted.
- Make it easier to move data between companies and institutions.
- Regularly update data laws to adapt to new tech developments.
These rules will apply to data ranging from your name to your DNA, and include your own social media posts.
However, there are some concerns over certain groups refusing to delete data, if they believe it to be a matter of freedom of speech or scientific importance.
The Information Commissioner Elizabeth Denham has praised the new measures but said that it was ‘almost impossible’ for the public to grasp how their data is handled.
The government hopes that in the face of an upcoming exit from the EU and with recent hacking scandals, the new bill will allow people to adapt their data use to a changing environment.
