The new and improved Data Protection and Digital Information Bill

The DPDI was presented to much fanfare in early March – but what does it promise to deliver?

Back in 2018 the EU introduced its General Data Protection Regulation (GDPR), a new, one-size-fits-all set of rules covering personal data. It went EU-wide in May of that year, and ushered in tougher rules on the processing and storage of personal data, as well as new demands on consent. To the consumer it marked the introduction of a never ending flurry of consent pop-ups, and to businesses a murky picture of how they should handle their customers’ information. But all this is about to change.

On March 8th, Technology Secretary Michelle Donelan introduced the Data Protection and Digital Information Bill (DPDI) to the UK parliament.

The proposed reforms to the data rules will not only provide a much needed clarity of the new UK-specific legislation, but is also being promoted as a vessel for additional pro-growth opportunities for businesses. One of the most important aspects of the bill is that these changes to three pieces of existing legislation work concurrently with maintaining a high standard of protection for customers, by preserving the key ethical principles of existing laws.

The result will see simplified administration responsibilities for small businesses, and a knock-on predicted saving of £4.7 billion for the UK economy over the next 10 years.

Some of the spotlight proposals include:

• A reduction in the amount of paperwork needed for organisations to demonstrate compliance.
• No additional costs, as long as a business is compliant with current data rules. This new framework will support and boost international trade, and do so cost-effectively.
• Fine tuning the rules surrounding personal data and consent. This will give organisations an improved confidence when processing customers’ information.
• Fine tuning the rules surrounding personal data and consent. This will give organisations an improved confidence when processing customers’ information.

Allay commonly held fears about using AI technologies to process data, by clearly defining when robust safeguards do and don’t apply to automated decision-making.

Significantly, the DMA has been instrumental during the consultation phase. DMA’s CEO Chris Combemale chaired the Business Advisory Group which sat side-by-side with officials and the Secretary of State and Department for Science, Innovation and Technology DSIT (formerly DCMS).

In a statement, Combemale underlined how important clarification and supporting business was fundamental to the proposals: “The DMA has collaborated with the government throughout the Data Protection and Digital Information Bill (DPDI)’s development to champion the best interests of both businesses and their customers. We are confident that the bill should act as a catalyst for innovation and growth, while maintaining robust privacy protections across the UK… Attracting and retaining customers and donors is a fundamental legitimate interest of businesses and charities, so we are delighted the government has acknowledged this in the reforms to help drive innovation and growth.”

Next on the reform list affects the marketing community, particularly the tireless efforts of the charity sector – there will be an extension to the soft opt-in for email to non-commercial organisations. This will create new freedoms for charities to communicate with existing donors and volunteers as easily.

Another welcome change for both sides of the fence will be an expanded range of exemptions to cookie consent requirements. There’s barely an internet surfer on the planet who craves more consent banners. This is especially true for visitors to ecommerce and charity sites which don’t advertise third party services or products. This can only improve the customer’s experience, which, in turn, should increase traffic and prolong activity on websites.

Rogue callers are also in the crosshair. Fines for nuisance calls and texts will increase from £500,000 to up to 4% of global turnover or £17.5 million, whichever is greater. That’s a much sharper pin-prick, and will increase consumer trust.

The bill is still progressing with the DMA remaining very much in the picture. According to Combemale, all parties are seeking “improvements such as clarity on the scope of industry codes of conduct as specified in UK GDPR. This is significant for creating an industry ethical and legal framework to build trust in the digital economy.”

With these new clarifications, plus the new focus on successful interactions between customers and the business and non-profit industries, the use and handling of personal data is entering a modern era. This will provide yearned for reassurance and safeguards in an ever more digital world.