Revised Data Grab Bill an even greater threat to privacy

Open Rights Group has responded to the publication of a new draft of the Data Protection and Digital Information Bill. The revised Bill fails to address the privacy concerns raised by civil society, and in fact expands the ways that businesses and government bodies can process, use and re-use our data.

Policy manager Abigail Burke said:

“It appears that the revised version of the Data Protection and Digital Information Bill will be worse than the last, posing an even greater threat to our privacy rights.

“The Government seems intent on undermining our ability to have control over our data, instead greatly expanding the power of businesses and government departments to collect, process and re-use our data in new ways.

“The UK has an opportunity to create a world-leading data protection law that puts people’s privacy rights at the fore, and aligns with our biggest markets. Instead, this appears to be an attempt to take power from citizens and give it to government.”

Threats to business

As well as harming data rights, the government’s proposals have been criticised as potentially damaging for the economy, by putting the UK at risk of failing to meet EU adequacy requirements. Conservative estimates found that the loss of the adequacy agreement would cost 1 to 1.6 billion pounds in legal fees alone, not including the cost resulting from disruption of digital trade, investments, and the relocation of UK businesses to the EU.

Numerous businesses have spoken out about the negative impacts of the bill’s proposals. Navigating multiple data protection regimes would create extra costs for many businesses, who will have to adapt their processes to two sets of regulations.¹ In addition, scrapping good governance measures such as data protection officers exposes businesses to uninsured risks, and reputational damage arising from data breaches. If passed, the Bill could encourage irresponsible business practice and fuel a race to the bottom in regulatory standards, harming Britain’s global reputation.

Failure to consult with civil society

ORG is concerned that privacy and civil society organisations have not been included in the drafting of the Bill. In June 2022, over 30 civil society organisations wrote to the then Secretary of State for the Department for Digital, Culture, Media, and Sports (DCMS), Nadine Dorries, over what we believe was an unlawful consultation process into data reform where DCMS broke its promise to engage equally with representative groups by refusing to meet and substantially engage with civil society as part of its consultation process.

This week, Open Rights Group and 25 other civil society organisations wrote an open letter to Michelle Donelan asking the Secretary of State to scrap the Bill and start again.

Burke added, “The government’s proposals will affect us all but particularly those who are already vulnerable and marginalised. We urge the Secretary of State to listen to the concerns of privacy groups and civil society and go back to the drawing board and put people, at the centre of this legislation.”