Changes to data protection laws – The Data Protection and Digital Information Bill
A raft of changes to the Data Protection rules have been laid before Parliament in the Digital Information Bill which aims to build an innovative data protection regime in the UK.
The changes to data protection laws include new powers to require data from third parties, particularly banks and financial organisations, to help the UK government reduce fraud and save the taxpayer up to £600 million over the next five years. Currently, Department for Work and Pensions (DWP) can only undertake fraud checks on a claimant on an individual basis, where there is already a suspicion of fraud.
The new proposals would allow regular checks to be carried out on the bank accounts held by benefit claimants to spot increases in their savings which push them over the benefit eligibility threshold, or when people spend more time overseas than the benefit rules allow for. This will help to identify fraud and take action more quickly. To make sure that privacy concerns are at the heart of these new measures, only a minimum amount of data will be accessed and only in instances which show a potential risk of fraud and error.
Another measure offers vital reassurance and support to families as they grieve the loss of a child. In cases where a child has died through suicide, a proposed ‘data preservation process’ would require social media companies to keep any relevant personal data which could then be used in subsequent investigations or inquests.
Current rules mean that social media companies aren’t obliged to hold onto this data for longer than is needed, meaning that data which could prove vital to coroner investigations could be deleted as part of a platform’s routine maintenance. The changes to data protection laws tabled before Parliament represents an important step for families coming to terms with the loss of a loved one and takes further steps to help ensure harmful content has no place online.
The use of biometric data, such as fingerprints, to strengthen national security is also covered by the amendments, with the ability of Counter Terrorism Police to hold onto the biometrics of individuals who pose a potential threat, and which are supplied by organisations such as Interpol, being bolstered.
This would see officers being able to retain biometric data for as long as an INTERPOL notice is in force, matching this process up with INTERPOL’s own retention rules. The amendments will also ensure that where an individual has a foreign conviction, their biometrics will be able to be retained indefinitely in the same way as is already possible for individuals with UK convictions – this is particularly important where foreign nationals may have existing convictions for serious offences, including terrorist offences.
How Techn22 can help
Techn22 specialises in providing cutting-edge solutions for businesses navigating the complexities of data protection and cybersecurity, particularly important in light of the Data Protection and Digital Information Bill. Our expertise lies in crafting tailored strategies that not only ensure compliance with the latest regulations but also fortify data security against emerging threats. We offer comprehensive services, including risk assessment, secure cloud managed services, data protection policy development, dark web monitoring, phishing simulation, and employee training programmes. Our advanced monitoring tools are designed to keep a vigilant eye on potential data breaches and cybersecurity threats, ensuring that businesses are always a step ahead.
“In light of the recent updates to the Data Protection and Digital Information Bill, it’s crucial for businesses to stay agile and informed. The new provisions, particularly those around third-party data access and biometric data usage, represent a significant shift. Businesses must now reassess their data handling and protection strategies to ensure compliance with these changes. This includes understanding the expanded powers of government bodies in fraud detection, the implications of data preservation in sensitive cases, and the nuanced requirements around biometric data. Adapting to these changes isn’t just about legal compliance; it’s about maintaining customer trust and safeguarding our digital ecosystem. A proactive approach in updating internal policies and training staff is essential. It’s an opportunity for businesses to lead in ethical data management and contribute to a safer, more responsible digital environment in the post-Brexit UK.” – Gareth Dalton, Managing Director, Techn22
With Techn22, companies can rest assured that their data management practices are robust, compliant, and aligned with the best practices in digital information security, thus safeguarding their reputation and maintaining customer trust in this dynamic digital era.
See: Changes to data protection laws to unlock post-Brexit opportunity – GOV.UK
