In a communicated released by the UK Department for Digital, Culture, Media and Sport on June 17, the UK government has discussed the changes it wants to make as part of its Personal Data Reform Bill. In 2021, the United Kingdom had indicated its desire to detach itself from the GDPR, which implies the creation of a law adapted to the wishes of the country in terms of data protection.
Towards the end of UK cookie pop-ups
The main change made by the British government concerns cookies. Indeed, since the implementation of the GDPR within the EU, when an Internet user visits a website, he may see an additional page appear (a pop-up) asking him if he prefers to accept or refuse cookies. .
Twenty companies and universities create the Alliance Blockchain France
The objective of this practice is to protect the user by offering them the possibility or not that a website can collect their personal data. This practice is not always respected by the sites: if this is the case, the CNIL (National Commission for Information and Liberties) and its European equivalents intervene to resolve the problem.
As part of the UK bill, the government wants to get rid of these pop-ups in order to replace them with an opt-out model. Instead of the user accepting or refusing cookies for each website, he chooses directly in the settings of his computer, if he accepts (or not) that the sites can collect his data thanks to cookies. The Internet user can also create an exception list: if he wishes to refuse cookies on certain sites only, he will only have to add the domain name of the site to the appropriate list.
The objective is to allow Internet users to remain in control of their data, but to offer them a smoother experience when browsing, without pop-ups or banners. Of course, if the browser is to provide these controls, the UK will have to engage with the developers of those browsers to ensure that this system works flawlessly.
Several major changes from GDPR in the European Union
In addition to this major change, the future personal data reform will bring some changes to the GDPR. The Ministry of Digital, Media, Culture and Sport specifies that “ the Data Reform Bill will more clearly define the scope of scientific research and make it clear to scientists when they can obtain user consent to collect or use data for broad research purposes “.
The aim is to ensure that scientists can rely on the consent an individual has provided that their data can only be used for the research in question.
The government also wants to change how companies can use personal data. For example, it will remove the obligation for small businesses to have a data protection officer or to undertake impact assessments to assess the risks associated with the use of this data. However, organizations will still be required to have a privacy management program in place to ensure that they are accountable with respect to the processing of personal data.
If in 2021, the European Commission had ruled so that personal data could freely circulate between the EU and the United Kingdom, the promulgation of this bill could potentially call this agreement into question.