The Queen’s Speech 2022 delivered yesterday by Prince Charles, setting out the Boris Johnson Government’s proposed legislative plans for the next parliamentary year, included much of interest to private security, whether physical or cyber.
The Government says that the ‘data protection regime will be reformed’. According to background notes from the Government, that reform will bring a ‘new pro-growth and trusted UK data protection framework that reduces burdens on businesses, boosts the economy, helps scientists to innovate and improves the lives of people in the UK’. More concretely, it means replacing the 2018 Act which updated the 1998 data protection law, and (before the UK left the European Union) put into law the EU-wide GDPR (general data protection regulations).
Comments
Camilla Winlo, Head of Data Privacy, Gemserv, said: “Data-driven innovation has the potential to transform the way we live and work. For it to succeed, it is essential that innovators develop their products and services within a framework that allows individuals to trust that their personal data will be used in their best interests and that they will be protected from harm. If the UK can create a flexible data protection environment that supports innovators, it could be hugely beneficial for UK PLC.
“However there are many challenges to overcome in order to achieve this goal and it will be some time before any changes start to take effect. Until then, organisations must continue to meet their GDPR obligations – and those that take data privacy seriously today are likely to be best placed to realise the benefits of future reform.”
Cillian Kieran, CEO and Founder of tech firm Ethyca, says: “Those concerned that high data protection standards pose an impediment to innovation should consider that data adequacy offers huge efficiencies in terms of both resource and planning certainty for UK-based companies doing business in Europe. What will the innovation opportunity cost be if UK compliance teams are forced to spend years reworking data and data transfer policies as a result of losing adequacy with the EU? Just ask the US legal teams picking up the pieces in the aftermath of 2020’s Schrems II ruling – the uncertainty has been a significant drag on trans-Atlantic data-driven businesses.
“Jeopardising adequacy status could backfire for groups who see higher data protection standards as an impediment to innovation. To preserve data flows and promote collaboration, different jurisdictions need to be able to bridge their requirements for data processing.
“It would be shortsighted to base a consequential shift in data protection standards on the high cost of compliance. Government and business must approach privacy and innovation as partners, not opponents. These tensions are not an indicator that the standards are at issue; rather, they are a signal that our means for achieving those standards should be revisited and improved.”
And John Hetherton, Head of Compliance at encryption firm Evervault says: “Given the current stalemate between the US and Europe over Schrems (ii), the UK would be unwise to deviate too far from the GDPR and risk losing its adequacy status. It’s fair to say that while some white smoke has risen between Presidents Biden and Von der Leyen, an adequacy agreement between the two countries is likely a ways away.
“Large Tech currently find themselves in the unenviable position of having to duplicate infrastructures already present in the US into Europe to process EU citizens’ data in line with GDPR, a fate that UK organisations are keen to avoid.”
For the Queen’s Speech visit https://www.gov.uk/government/speeches/queens-speech-2022.
