UK government to ditch GDPR in favour of post-Brexit system in potential headache for industry

The UK government has announced it is set to replace General Data Protection Regulation (GDPR) with a new “consumer-friendly”  British data protection system.

Speaking at the Conservative Party Conference in Birmingham, Secretary of State for the Department for Digital, Culture, Media and Sport (DCMS) Michelle Donelan said the new system would banish EU “red tape” holding back UK businesses.

Donelan was appointed by Prime Minster Liz Truss as part of her first cabinet and also has oversight of the white paper into the Gambling Act 2005 review as part of her remit.

Donelan’s comments seem to confirm the planned data reform bill, which was laboured over during Boris Johnson’s Premiership, is set to be scrapped in favour of a new Liz Truss-minted policy.

This could have knock-on effects for the white paper, which is still with Number 10 awaiting final approval after being delivered by former Gambling Minister Chris Philp.

Speaking on the new data protection system, Donelan said: “Our plan will protect consumer privacy and keep their data safe while retaining our data adequacy so that businesses can of course trade freely.

“I can promise to you here today… that it will be simpler, it will be clearer for businesses to navigate – no longer will our businesses be shackled by lots of unnecessary red tape,” she added.

Donelan went on to suggest the UK would look to countries outside of the EU’s GDPR regulation for inspiration on building the new policy, with the former Education Secretary citing the move as a “post-Brexit opportunity”.

While Donelan’s speech was light on actual details against the headline policy, the Information Commissioner’s Office (ICO) welcomed her comments.

The ICO said: “We are pleased to hear the government’s commitment to protecting people’s privacy, preserving adequacy and simplifying data protection law. We look forward to seeing further details, and stand ready to provide our advice and insight.”

However, Donelan’s speech came under fire from Labour MP Chris Bryant, who labelled the move as “madness”.

GDPR legislation was implemented in the UK and across the EU in May 2018, with the aim of making organisations more accountable for their use of personal data.

At the time the legislation was introduced, the UK Gambling Commission (UKGC) said GDPR would not hamper operators’ ability to be compliant.

The UKGC said: “We take the view that GDPR is not intended to prevent operators from taking steps which are necessary in the public interest, or are necessary to comply with regulatory requirements under a gambling licence.

“GDPR should not be improperly used as an excuse to avoid taking steps which enable compliance with licence conditions, promote socially responsible gambling and promote the licensing objectives.”

The move to launch a new data protection system could cause headaches for operators who offer gambling-based services in the EU, as well as in the UK.