Britain is set to end ‘pointless’ web cookie requests as part of post-Brexit clean-up of cumbersome EU data laws
- Culture Secretary Oliver Dowden to outline how data can be used more flexibly
- Government intends to shift from parts of the EU’s General Data Protection Regulation
- GDP has been criticised for being too bureaucratic and overly prescriptive
Plans to sweep away swathes of the EU’s flagship data laws could spell the end of ‘pointless’ web cookie warnings and red tape, the Culture Secretary will announce on Thursday.
In what is the first post-Brexit shake-up of the UK’s digital economy, Oliver Dowden is set to outline how Britons’ data can be used more flexibly.
Speaking to The Telegraph, Mr Dowden said the Government intends to peel away from key parts of the EU’s General Data Protection Regulation, which came into force in 2018.
GDPR, which governs how people’s personal information is collected, has been criticised for being too bureaucratic and overly prescriptive.
Mr Dowden suggested the new reforms would also cut down on cookie banners, which are used by websites to secure users’ consent for storing their data.
At present under the GDPR rules, sites have to give users a genuine choice over whether to say ‘yes’ or ‘no’ to cookies which process and share their personal data.
Plans to sweep away swathes of the EU’s flagship data laws could spell the end of ‘pointless’ web cookie warnings and red tape, the Culture Secretary will announce on Thursday
Ministers are also said to be planning to shake up Britain’s data watchdog.
The Government is set to appoint John Edwards, who is currently New Zealand’s privacy commissioner, to head up the regulator.
Mr Dowden described the reforms as a ‘data dividend’ of Brexit and said the new British framework would be ‘more proportionate’.
He added that it would help to cut costs for businesses and enable ‘greater innovation’ which will also ‘drive growth and opportunities and jobs’.
Mr Dowden said the Government intends to peel away from key parts of the EU’s General Data Protection Regulation, which came into force in 2018
However, the EU continues to trumpet GDPR as having improved data privacy standards across the world, meaning the UK could trigger fresh tensions with the bloc by deviating from the rules.
The plans will also likely be scrutinised by privacy campaigners who fear further online profiling of individuals and greater massing of personal data by big companies.
Mr Dowden said the reforms would bring an end to ‘pointless bureaucracy’ and ‘box ticking’ but would still protect people’s privacy.
WHAT IS THE EU’S GENERAL DATA PROTECTION REGULATION?
The European Union’s General Data Protection Regulation (GDPR) is a new data protection law that entered into force on May 25, 2018.
It aims to strengthen and unify data protection for all individuals within the European Union (EU).
This means cracking down on how companies like Google and Facebook use and sell the data they collect on their users.
The law will mark the biggest overhaul of personal data privacy rules since the birth of the internet.
Under GDPR, companies are required to report data breaches within 72 hours, as well as to allow customers to export their data and delete it.
The European Union’s General Data Protection Regulation (GDPR) is a new data protection law that entered into force on May 25
Part of the expanded rights of data subjects outlined by the GDPR is the right for data subjects to obtain from the data controller confirmation as to whether or not personal data concerning them is being processed, where and for what purpose.
Further, the controller must provide a copy of the personal data, free of charge, in an electronic format.
This change is a dramatic shift to data transparency and empowerment of data subjects.
Under the right to be forgotten, also known as Data Erasure, are entitled to have the data controller erase their personal data, cease further dissemination of the data, and potentially have third parties halt processing of the data.
The conditions for erasure include the data no longer being relevant to original purposes for processing, or a data subject withdrawing their consent.
This right requires controllers to compare the subjects’ rights to ‘the public interest in the availability of the data’ when considering such requests.
Source: Read Full Article