What the new bills included in the King’s Speech say about data

Now the election has been completed, the Labour Party won the majority and is leading Government and we have had the King’s Speech at the State Opening of Parliament, what does this mean for data and in particular personal data – you know, that GDPR / data protection thing!

There were 40 bills specifically named in the King’s Speech and whilst it may not be obvious, many will refer to or affect how we process personal data of our staff, clients, patients, customers or suppliers.

The most relevant bills for personal data and security of data are the Digital Information and Smart Data Bill, and the Cyber Security and Resilience Bill.

Taking each one in turn and looking at the key takeaways that we should be aware of…

Digital Information and Smart Data Bill

In the Governments words, this is aimed at “harnessing the power of data for economic growth”. It will give a legal (or statutory) footing for three main areas of innovation:

• It will establish Digital Verification Services. These are to support the creation and adoption of secure and trusted digital identify products and services, but only from certified suppliers. The idea is that this will help make everyday lives easier such as pre-employment checks, buying certain goods and services including those that are age-restricted.
• It will push forward the development of a National Underground Asset Register. This is digital maps of all those cables and pipes buried underground. Helping planners and those undertaking works to have access to data that will help them carry out the works.
• Setting up Smart Data schemes. This is a way of securely sharing customer’s data on their request, but only to authorised third-party providers. We already have a right to Data Portability in GDPR but, this is not about moving data out of your system it is about sharing what you have with others while keeping the data in your own system.

In addition the Bill will:

• Allow scientists to make better use of data for research including scientists working in commercial settings; and
• Amend the Digital Economy Act to help the Government share data about businesses that use public services. Interestingly this also includes creating an electronic system for births and deaths registration, and introducing standards for those who supply IT to the Health and Social Care sectors.

The Information Commissioner’s Office who are the regulator for all things personal data will be modernised to have a more modern regulatory approach with a CEO and will have new and stronger powers.

Hidden away in the briefing note from the King’s Speech is a sentence that tells us there will be targeted reforms to some data laws but it doesn’t expand on this so we have no idea at the moment which laws this will apply to.

So quite a lot in one Bill. Some of it may be interesting to see in operation.

Onto the...

Cyber Security and Resilience Bill

This is aimed at “strengthening the UK’s cyber defences” - something that we can all agree is necessary nowadays. It also aims to ensure that we can keep the critical infrastructure and digital services secure.

We are told that the UK will urgently update all relevant legislation to ensure that the economy is not left vulnerable.

Key takeaways from this Bill are:

• There will be an expansion of regulations to protect more digital services and supply chains (think about the recent cyber attacks that impacted critical health services).
• Regulators will be given more measures to ensure essential cyber safety is being implemented.
• There will be mandated incident reporting to help develop the wider picture of cyber-attacks including ransomware. Some sectors and larger companies do this but the Government is looking for all companies to report incidents.

This was a shorter briefing note on this particular Bill but it details the steps that are planned for the modern technological world that we all operate within.

Thoughts

As you will read, a lot of the aims are linked to the economy and ensuring that all sectors and companies can continue to operate safely and securely, whilst developing services and offers 

The progress of Bills through Parliament can take some time due to debates and consultations, but for us, having an awareness (or if you prefer ‘horizon scanning’) can help us with business planning.

Get in touch with us if you need help with personal data or GDPR.