IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Government reveals fresh replacement for GDPR will be a ‘bespoke, British’ system

The DCMS is to be co-designed with businesses with the aim of streamlining data protection, but some already call the change unneeded

The government has made fresh comments confirming its plans to scrap GDPR and instead create a new system of data regulation for the UK based on "common sense".

The new regulation will be 'intensive', said the secretary of state for digital, culture, media and sport (DCMS) Michelle Donelan, who did not offer any specific details about how the regulation may take shape.

“Our plan will protect consumer privacy, and keep their data safe, whilst retaining our data adequacy, so that businesses can trade freely,” said Donelan, who formally announced the move at the Conservative Party Conference, currently taking place in Birmingham.

“Our new data protection plan will focus on growth, on common sense, on helping to prevent losses from cyber attacks and data breaches, while also protecting data privacy.”

Citing the abundance of 'red tape' as a primary goal for enacting the new regulation, Donelan quoted a DCMS survey in which 50% of polled businesses said that the General Data Protection Regulation (GDPR) had led to "excessive caution" amongst their workforce when handling data.

Donelan emphasised that the new system will be co-designed with businesses, and cited the example of countries that have achieved data adequacy without implementing GDPR, such as Israel, Japan, South Korea, Canada and New Zealand.

However, many familiar with GDPR and wider data regulation have already voiced their criticism of the idea, which is being billed as unnecessary.

Related Resource

Just enough data governance

Building program momentum and scale with agility

Whitepaper cover with title on orange background and image of colleagues sitting and looking at a laptop screenFree Download

“I get really annoyed at this,” wrote former Conservative MEP Lord Kirkhope, in a tweet.

“The so-called “EU GDPR” was actually partly written by me and other UK MEPs and is understood and accepted Internationally. It’s [sic] “proportionality” provisions were my idea. Leave it alone!”

Chair of the Standards and Privileges Committee Chris Bryant MP also pointed out that new regulation could end up not only giving data protection officers even more work, but also costing businesses more.

“This is madness,” he tweeted in response to the announcement.

“UK companies will still have to abide by GDPR if they want any online business in the European Union (as other non-EU companies already do). So UK divergence will simply mean UK double costs.”

The government had announced plans earlier in 2022 to replace the UK’s implementation of the GDPR with the Data Reform Bill, which was intended to cut “red tape and pointless paperwork” and decrease the steps needed to use data in scientific research.

Progress on these plans was put on hold as prime minister Liz Truss built her own cabinet this summer. It appears this new legislation will take its place

The UK follows the regulatory framework of the Data Protection Act (DPA) 2018, which ensures that the UK retains data adequacy on the collection, processing, and storage of data and sets out the role of the Information Commissioner’s Office (ICO).

After January 2021, the UK also implemented its own regulations based on GDPR, known as the UK GDPR, to maintain adequacy whilst making some changes to the rights and obligations around processing personal data that are local to the UK.

The DPA 2018 works in tandem with, and occasionally provides exemptions for, the UK GDPR such as for law enforcement.

This is essential for UK businesses, as it ensures that sufficient data protection policies are enforced, whilst keeping the UK compliant with regulations that let companies continue to trade with and operate in the EU. Without EU-compliant data protection, UK firms could not collect or process EU data.

Featured Resources

2022 State of the multi-cloud report

What are the biggest multi-cloud motivations for decision-makers, and what are the leading challenges

Free Download

The Total Economic Impact™ of IBM robotic process automation

Cost savings and business benefits enabled by robotic process automation

Free Download

Multi-cloud data integration for data leaders

A holistic data-fabric approach to multi-cloud integration

Free Download

MLOps and trustworthy AI for data leaders

A data fabric approach to MLOps and trustworthy AI

Free Download

Most Popular

The top 12 password-cracking techniques used by hackers

The top 12 password-cracking techniques used by hackers

14 Nov 2022
How to boot Windows 11 in Safe Mode
Microsoft Windows

How to boot Windows 11 in Safe Mode

15 Nov 2022
Interpol arrests nearly 1,000 cyber criminals in months-long anti-fraud operation
cyber crime

Interpol arrests nearly 1,000 cyber criminals in months-long anti-fraud operation

25 Nov 2022