Following its Second Reading in the House of Lords, on 22 November 2017 the draft Data Protection Bill (the “Bill”) passed the Committee Stage and will next be considered at the Report Stage on 11 December 2017. The Bill was initially published on 14 September and once finalised it will repeal the current Data Protection Act 1998 (the “DPA”). The Bill implements various national derogations permitted by the GDPR and also extends the GDPR standards to certain areas of data processing outside EU competence. The Bill also provides for the continuation of the Information Commissioner’s role.The Bill will therefore stand alongside the GDPR until the UK leaves the EU. At that point, if the UK is no longer part of the EEA as currently envisaged, the GDPR will fall away but the UK Government intends to replicate the regulation in national legislation through the European Union (Withdrawal) Bill – the so-called “Great Repeal Bill”.
The Bill imports much of the DPA and therefore contains few surprises for businesses, but it does at least confirm for the first time the Government’s intention to retain many of the DPA derogations and exemptions, which is welcome news.
To access the draft Bill please click here.
To access the explanatory notes please click here.
Andrew Moir
Partner, Intellectual Property and Global Head of Cyber & Data Security, London
Key contacts
Andrew Moir
Partner, Intellectual Property and Global Head of Cyber & Data Security, London
Disclaimer
The articles published on this website, current at the dates of publication set out above, are for reference purposes only. They do not constitute legal advice and should not be relied upon as such. Specific legal advice about your specific circumstances should always be sought separately before taking any action.