In preparation for the new General Data Protection (GDPR) Regulation that comes into force next year, the long-awaited Data Protection Bill was published on 14th September 2017.
The House of Lords have been scrutinising the bill, despite there being an accompaniment of 112 pages of explanatory notes, a four-page factsheet and a five-page impact assessment. They feel there is still a lot of confusion about the purpose and effect of the bill.
The Data Protection Bill has a number of aims but, however, does not incorporate the GDPR into UK law. The GDPR is a regulation, and so is directly applicable when it comes into force in May 2018, replacing the Data Protection Act 1998. It doesn’t need to be ‘signed into British law’ while the UK remains a member of the EU. After Brexit, it will remain the law because of the provisions of the European Union Bill.
If you would like to read more about the Data Protection Bill, click here.