UK government to replace GDPR with ‘truly bespoke’ data privacy regime

After pausing the Data Protection and Digital Information Bill, the government has announced plans to ditch the reforms and create an entirely new data privacy regime.

Britain will replace the European Union’s General Data Protection Regulation (GDPR) with a new “business- and consumer-friendly” data privacy regime, the new digital, culture, media and sport secretary Michelle Donelan has pledged.

Speaking at the annual Conservative Party conference this week, Donelan promised the new regime will be “simpler” and “clearer” for businesses to navigate.

“Our plan will protect consumer privacy and keep their data safe while retaining our data adequacy so that businesses can of course trade freely,” she said.

“No longer will our businesses be shackled by lots of unnecessary red tape.”

Under the previous government, GDPR was due to be replaced by the Data Protection and Digital Information Bill, which was to have its second reading in Parliament on 5 September. The proposals included measures which would change the consent requirement for cookies, extend the “soft opt-in” for marketing material to more organisations, and tighten rules around cold callers.

In June, when details of the bill were revealed, marketing and advertising organisations expressed concern about what the proposals would mean for the industry. While the Internet Advertising Bureau (IAB) UK said it was “cautiously positive” about aspects of the proposals, the Advertising Association said “risking the UK’s data adequacy decision from the EU would only serve to increase trade barriers”.

However, the reform was put on pause when Liz Truss was announced as the new Conservative Party leader and prime minister last month.

According to Donelan, the government’s new plan is to create its own “truly bespoke” privacy rules, rather than reforming the existing system.

“Our new data protection plan will focus on growth and common sense, helping to prevent losses from cyber attacks and data breaches, while protecting data privacy,” she continued.

“This will allow us to reduce the needless regulations and business stifling elements, while taking the best bits from others around the world to form a truly bespoke, British system of data protection.”