UK’s Data Protection Bill Falls Through
On May 30, 2024, King Charles III dissolved the UK Parliament for the first time since his assent to the throne, paving the way for a general election on July 4, 2024. The dissolution was requested by Prime Minister Rishi Sunak on May 22, and the process officially started on May 30 after Parliament was prorogued on May 24.
This election is significant as it is the first general election since the UK left the European Union and the first July election since 1945. It also marks the first general election overseen by King Charles III, following the death of Queen Elizabeth II.
However, when Parliament is dissolved, any bills that haven't become law are stopped and usually have to start the process all over again in the new Parliament, unless special permission is given for them to continue. This ensures the new Parliament starts with a clean slate and can set its own priorities.
The UK's Data Protection and Digital Information (No. 2) Bill, which aimed to update and simplify the UK's data protection framework, had been progressing through Parliament but is currently stalled due to the dissolution, which means it will not make it further until the new Parliament convenes after the general election on July 4, 2024, at which point it will need to be reintroduced in the next parliamentary session if the government chooses to pursue the Bill further.
The Bill, which had its second reading in the House of Commons back in April 2023, included several provisions intended to modernize the UK’s data protection laws:
- Revamping the Information Commissioner's Role: The bill sought to provide a clear framework for the Information Commissioner's Office (ICO), outlining its objectives and duties related to data protection. This was intended to help the ICO prioritize its activities, allocate resources efficiently, evaluate performance, and be accountable to stakeholders.
- Digital Verification Services: It established a framework for digital verification services, ensuring that digital identities could be used as confidently as traditional paper documents.
- Increased Penalties for Nuisance Communications: The bill proposed higher fines for nuisance calls and texts under the Privacy and Electronic Communications Regulations (PECR).
- Reducing Consent Pop-Ups: Updates to the PECR aimed to minimize the frequency of 'user consent' pop-ups and banners, enhancing user experience.
- Smart Data Schemes: The bill facilitated the sharing of customer data through smart data schemes, enabling services like personalized market comparisons and account management.
- Modernizing Registration Processes: It reformed the registration of births and deaths in England and Wales, transitioning from a paper-based system to an electronic register.
- Enhancing Data Use for Security: The bill supported the use and flow of personal data for law enforcement and national security purposes.
- Clear Legal Basis for Political Data Processing: It provided a clearer legal foundation for political parties and elected officials to process personal data for democratic engagement purposes.
As the UK prepares for its first general election since leaving the EU and the first under King Charles III, the fate of the Bill remains uncertain. The next Parliament will have the opportunity to reintroduce and possibly revise it in order to address the pressing need for data protection and digital information in the UK, thus reflecting their new priorities in light of the changing landscape of digital privacy.