The New Data (Use and Access) Bill: What You Need to Know

Print Friendly, PDF & Email

The New Data (Use and Access) Bill: What You Need to Know

Author: Alexander Cater

Key contact: Declan Goodwin

What is the Data (Use and Access) Bill?

The government’s new Data (Use and Access) Bill (“DUA Bill”) was published on 24 October 2024. It builds upon the Data Protection and Digital Information Bill prepared by the previous Government in March 2023, but with some noticeable differences.

Here, we break down what the DUA Bill seeks to achieve and what businesses will need to watch out for in the coming months and years.

Do businesses need to know about the DUA Bill?

Yes. While it is still early days for the DUA Bill, businesses should keep themselves aware of its progress and undertake a full review of their organisation’s use of personal data once it enters into law.

What are the main topics covered by the Bill?

Fines

The DUA Bill will see increased maximum fines under the Privacy and Electronic Communications Regulations (“PECR”) from £500k (currently) to £17.5 million or 4% of annual global turnover. This brings fines under PECR in line with those under UK GDPR.

Legitimate interest

Organisations who process personal data must have a lawful ground for such processing. The DUA Bill aims to clarify and perhaps expand the most commonly used ground known as “legitimate interest”, which will be welcome news to organisations. The Bill also looks to include additional “recognised legitimate interests”, such as national security, emergency response, and safeguarding where organisations are exempt from conducting a full Legitimate Interests Assessment when processing data.

Special category data

Under the DUA Bill, the Secretary of State will be able to expand special category data to include other types of data. This power is subject to Parliamentary approval, but would have ramifications for any organisations who use and process data that falls within any newly expanded definition of special category data.  

Automated decisions

Only automated decisions using sensitive data like health information will be automatically prohibited going forward. Automated decisions using other such data will be permissible provided adequate protections are in place.

Digital verification

The DUA Bill is paving the way for the creation of a public register that organisations and businesses will be able to voluntarily sign up to and demonstrate that they have met the appropriate data processing requirements.

Smart data

The DUA Bill is looking towards the creation of “smart data” schemes where service providers can share data between themselves at a customer’s request. The banking sector has already seen developments in this area under “Open Banking” where consumers can view all their financial information on one central platform, even where they may have accounts and savings with various banks or schemes.

Cookies

User consent will no longer be required for certain non-intrusive cookies including those for performance and statistical use. However, suitable notice and information about the cookie and the data collected must still be provided.

Research

Keeping in mind the future and the UK’s position as a leading research centre, the DUA Bill has provided further guidance and allowance for the use of data for research and scientific purposes. This will be a hot topic for discussion going forward as the government attempts to balance the need for advancement against the needs of the individual.

Transfer of data

The DUA Bill looks to create more flexibility when transferring data internationally where the standard of protection in the recipient country is not “materially lower” than the UK.

If you have any queries about how the DUA Bill may affect your business, or if you have any other data queries, then please get in touch with our Commercial & Technology team.

Recent Posts

Assisted dying and probate disputes
Assisted Dying and its Potential Impact on Probate Disputes
December 11, 2024
International Men's day
International Men’s Day: Lunch and Learn 
December 6, 2024
Business Benefits of the Global Talent Visa
The Business Benefits of the Global Talent Visa
December 5, 2024
Employment Tribunal Claim at Christmas
Party Pitfalls: Top Tips to Avoid an Employment Tribunal claim
December 5, 2024
Employment Law Update: Magnifying Glass 2024
Employment Law Update: A Reflection on 2024
December 5, 2024
Mediation: What to Expect
November 27, 2024

Archives

Categories

Skip to content