Get in touch

Get in touch

  • This field is for validation purposes and should be left unchanged.

Privacy Notice

X

When you submit an enquiry via our website, we use the personal data you supply to respond to your query, including providing you with any requested information about our products and services. We may also email you several times after your enquiry in order to follow up on your interest and ensure that we have answered your it to your satisfaction. We will do this based on our legitimate interest in providing accurate information prior to a sale. Your enquiry is stored and processed as an email which is hosted by Microsoft within the European Economic Area (EEA). We keep enquiry emails for two years, after which they are securely archived and kept for seven years, when we delete them.

Reveal Menu

UK General Election - Impact on Data Protection and Digital Information Bill

 

We blogged recently on the Data Protection and Digital Information Bill that was working its way through the machinery of the UK legislative process and finally emerging in sight of the finishing line. But like a legislative game of snakes and ladders, the announcement by Rishi Sunak of a UK general election on 4th July has scuppered any chance of this bill becoming law in the near future. So what does this mean for data protection in the UK, and will the bill still become law?

Data Protection Image - Computer with privacy sheild.

A Bit of Latin

On 22 May 2024, the UK Prime Minister, Rishi Sunak, ended speculation by announcing that a general election would indeed take place in the United Kingdom on 4 July 2024. This meant that Parliament was prorogued on 24 May, followed by two days of washing up before being dissolved on 30 May. But wait, what does that sentence even mean? Is “prorogued” a made-up word, and why are the MPs doing the washing up? Surely they have staff for that?

In common with many other words we’ve never heard of, “prorogue” originates from Latin. It means “to stretch out” something, in this case the work of Parliament, to a future time. Basically it means to “take a break”. This has to be done before Parliament can be dissolved and all the MPs go home ready for the election. But there’s always a gap between the break being announced and the day of dissolution, and this involves a last mad dash to approve the legislation that they think really matters – the “wash-up” (“Lava est” in Latin if you were wondering).

Priorities in Washing Up

The Data Protection and Digital Information Bill had successfully navigated the House of Commons and had reached the Committee stage in the House of Lords when Rishi dropped his election bombshell. Given that the washing up period was unusually short, and that, according to the UK Parliament website, a total of two hundred and thirty-five bills were currently in process, the choice of bills to pass was not an easy one. In total a dozen bills were saved, half introduced by the Government and half by Backbenchers. The list included a bill to pardon victims of the Post Office scandal, a watered-down Leasehold and Freehold Reform Bill and one dealing with the abduction of pets. But along with the Criminal Justice Bill and the Tobacco and Vapes Bill, the Data Protection and Digital Information Bill was not on the list.

What Happens Now?

Bills introduced by the Government effectively have to start again when the new Parliament sits after the general election. This new Parliament could be of a very different makeup than the last, and have a whole new set of priorities for making legislation. The Conservative’s rationale for the Data Protection and Digital Information Bill was to remove “red tape” and make complying with data privacy law simpler for businesses post-Brexit. A new government may simply disagree with the idea behind it, or not see it as a priority in the next few years, in which case the bill won’t happen at all.

There is a possibility that the new Parliament may still want such legislation and will introduce it back at the very start of the process. In this case, the bill may progress more quickly through the House of Commons and The Lords because it has already been debated and represents a consensus that is generally acceptable. But this would depend very much on the post-election political landscape and nobody yet knows what that might look like.

What Does This All Mean?

In essence, nothing changes for UK organisations that process personal data. The Data Protection Act and the UK GDPR still apply, and the UK remains closely aligned with the privacy regime of the EU. Some would argue that this is a good thing, as it removes the possibility that changes to UK privacy law might put the EU’s adequacy decision for the UK at risk. Perhaps it means that the estimated economic opportunities of £4 billion that the bill was intended to unlock won’t happen. We’ll have to wait and see what kind of Parliament is returned in July, and where they see the UK going in terms of data protection. Watch this space.

 

Written by CertiKit’s Managing Director and founder, Ken Holmes CISSP, CIPP/E. Ken is the lead author of the toolkits and a data protection expert. 


Our Data Protection Toolkits

If you’re looking to improve your data privacy compliance, we have the following toolkits available to assist:

Each toolkit comes with unlimited email support with our consultants, and a lifetime subscription to the updates service so when a new version is released you will be notified to download.

We’ve helped more than 7000 businesses with their compliance

Testimonials

Compared to competing toolkits, your ISO27001 document structure was very good. The provided "Introduction" of each was useful (I have moved those out of the core documents and into a more comprehensive manual) for the general audience vs security staff. The inclusion of references to 27017 and 27018 were appreciated. You provided more "ISMS-C" oriented artefacts than competitors.

Trusted By Design Inc.
Canada

View all Testimonials