The UK government has introduced the Data (Use and Access) Bill (DUA) to reform data protection regulations. The aim is to enhance public sector efficiency and potentially boost the economy by £10 billion.
The bill seeks to streamline data sharing in critical sectors, addressing digital identity verification and online data management. Technology Secretary Peter Kyle highlights the potential to alleviate administrative burdens on frontline workers.
One controversial aspect is the proposed alteration to privacy notice requirements, which raises concerns about transparency for data subjects.
The bill also proposes amendments to the Privacy and Electronic Communications Regulations (PECR) to align pixel tracking and device fingerprinting with existing cookie regulations.
Digital rights organizations are alarmed by the provisions regarding automated decision-making, arguing that it limits individuals' rights and could enable critical decisions without oversight. The bill also grants the Secretary of State the authority to exempt certain automated decision-making systems from data protection safeguards.
The DUA reflects the UK's need to align its data protection framework with EU standards to maintain the flow of EU user data to the UK. The bill's revisions to GDPR provisions are likely to be viewed favorably by the European Commission.
The Data (Use and Access) Bill represents a significant shift in the UK's approach to data protection, with implications for privacy rights, automated decision-making, and economic growth.