New UK data laws set to make annoying cookie pop-ups crumble
Website pop-ups asking you to consent to cookies have become a regular -- if irritating -- feature for European internet users since the introduction of GDPR in 2018.
As part of a post Brexit shake up of data law the UK government has announced that its Data Reform Bill will cut down on the number of times these 'user consent' boxes will be shown.
Reform of the Privacy and Electronic Communications Regulations (PECR) will see the introduction of a new 'opt-out' model for cookies which will heavily reduce the need for users to click through consent banners on every website they visit. The government says users will be better enabled to set an overall approach to how their data is collected and used online -- for example via their internet browser settings.
This comes at a time when tech companies like Google are giving users more power to reject cookies across the board.
Another benefit for consumers from the bill is an increase in fines for those contacting consumers with nuisance calls and texts. Fines will increase from the current maximum of £500,000 ($613,000) and be brought in line with current UK GDPR penalties which are up to four per cent global turnover or £17.5 million ($21.5 million), whichever is greater.
The bill will ease the burden for businesses too. Certain organizations, such as small businesses, will no longer need to have a Data Protection Officer (DPO) and undertake lengthy impact assessments. They will still have to have a privacy management program to ensure they are accountable for how they process personal data. The same data protection standards will remain but organizations will have more flexibility to determine how they meet those standards.
Simplification of the legal requirements around research will help ensure that scientists are not needlessly impeded from using data to innovate and make major breakthroughs.
Analysis by the Department for Digital, Culture, Media and Sport (DCMS) shows the reforms will create more than £1 billion ($1.2 billion) in business savings over ten years by reducing these burdens on all businesses.
"Today is an important step in cementing post-Brexit Britain’s position as a science and tech superpower. Our new Data Reform Bill will make it easier for businesses and researchers to unlock the power of data to grow the economy and improve society, but retains our global gold standard for data protection," says Digital Secretary Nadine Dorries. "Outside of the EU we can ensure people can control their personal data, while preventing businesses, researchers and civil society from being held back by a lack of clarity and cumbersome EU legislation."
There will also be reform of the Information Commissioner's Office (ICO) to underline the importance of the regulator continuing to uphold data rights and encouraging the responsible use of personal data, but with greater emphasis on taking into account growth, innovation and competition.
John Edwards, UK Information Commissioner, says:
I share and support the ambition of these reforms.
I am pleased to see the government has taken our concerns about independence on board. Data protection law needs to give people confidence to share their information to use the products and services that power our economy and society. The proposed changes will ensure my office can continue to operate as a trusted, fair and impartial regulator, and enable us to be more flexible and target our action in response to the greatest harms.
We look forward to continuing to work constructively with the government as the proposals are progressed and will continue to monitor how these reforms are expressed in the Bill.
You can read more on the gov.uk site.