Britons will be able to gain more control over what happens to personal information under proposals outlined by the government and as part of the new GDPR regulations, that replace the Data Protection act in May next year. For example, citizens will be able to ask for personal data, or information posted when they were children, to be deleted.

The proposals are part of an overhaul of UK data protection laws drafted under Digital Minister, Matt Hancock.

Firms that flout the law will face bigger fines, levied by the UK’s data protection watchdog, fines can be of up to 4% of a Company’s global turn over. The bill will transfer the European Union’s General Data Protection Regulation (GDPR) into UK law. It is felt that, “the new Data Protection Bill will give the UK one of the most robust, yet dynamic, set of data laws in the world,” said Mr Hancock in a statement. “It will give people more control over their data, require more consent for its use, and prepare Britain for Brexit,” he added.

Proposals included in the bill will:

This places a strong burden on firms to protect data and allows for significant fines if they fail to protect information or suffer a breach.

The world of social media will be affected, people who worry about embarrassing social media posts lingering online for years, can soon have the right to ask for them to be removed. And should anyone wish for any firm that holds your personal data – from your name to your DNA – you will be able to ask them to delete it. There are, however, arguments that those holding the data can put forward to refuse such requests, such as freedom of expression and matters that are of scientific or historical importance or have a legal requirement such as the NHS.

Many of these measures are already part of the EU’s forthcoming GDPR, but they are also being woven into the government’s bill. All of this goes beyond the “right to be forgotten” rules that already apply to search engines – those affect what can be listed in search results – but the GDPR and associated legislation impact data held by a wide range of companies.

In the UK firms that suffer a serious data breach could be fined up to £17m or 4% of global turnover. The current maximum fine firms can suffer for breaking data protection laws is £500,000.

The UK’s Information Commissioner will have its powers strengthened and extended to help it police the new regime. Elizabeth Denham, the information commissioner, was quoted to have said: “We are pleased the government recognises the importance of data protection, its central role in increasing trust and confidence in the digital economy and the benefits the enhanced protections will bring to the public.”

Larger companies are well versed on the requirements moving forward but small companies were largely in the dark about what the proposed law would mean for them, warned Mike Cherry, national chairman at the Federation of Small Businesses. “They simply aren’t aware of what they will need to do, which creates a real risk of companies inadvertently facing fines,” he said.

If your business large or small needs any free advice on the new legislations, GDPR or Data Protection, call Concept Management on 01204 363184