Proposed British Digital Information & Smart Data Bill

Uploaded on 2024-07-23 in NEWS-Cybersecurity News, GOVERNMENT-National, FREE TO VIEW, BUSINESS-Services-Law

The new UK government used the recent King’s Speech upon the opening of Parliament to announce a proposal for a new Digital Information and Smart Data Bill (the “Bill”). 
 
The proposed Bill builds on the legacy of the Data Protection and Digital Innovation Bill (“DPDI Bill”) that was discussed extensively in the previous Parliamentary session (but which failed to become law prior to the dissolution of Parliament prior to the July 2024 UK general election) by intending to lay a baseline for a new era of data governance within the UK. 

Background

The Bill follows on the heels of the DPDI Bill, which fell away in the parliamentary wash-up prior to the general election. The DPDI intended to update the UK’s data protection framework, including establishing a statutory regime for Smart Data and Digital ID (being digital identity verification frameworks). The DPDI Bill had received wide-ranging legislative scrutiny prior in the previous parliamentary session and was anticipated to become law. 

Accordingly, the proposed Bill will amend and update the UK’s data protection regime, although many of the concepts that the Bill is likely to cover are taken directly from the defunct DPDI Bill. The key aspects that are to be covered in the Bill are set out below. 

Digital Verification Services

As originally proposed in the DPDI Bill, the Bill will seek to establish digital verification services in the UK, empowering individuals and businesses to embrace secure digital identities. This is intended to create added convenience in everyday life such as assisting with age verification checks, pre-employment checks and moving house, and have broad applicability across a range of sectors. Digital identities are expected to foster economic growth through adding efficiency to common time-consuming processes. 

National Underground Asset Register (NUAR)

The Bill also introduces the NUAR; a digital map intended to revolutionise infrastructure management by providing planners, operators and engineers with instant access to data on the pipes, cables and other network assets functioning underground. This is intended to enable efficient maintenance, repair and operation of such items.  

Smart Data Schemes: Unlocking Insights Across Sectors

Smart Data Schemes will be introduced through the Bill, which enable the secure sharing of customer data through authorised third party providers. This puts forward a wide potential of opportunities, such as seamless financial management across a range of customer accounts. 

Revising The Digital Economy Act 

The Bill will strengthen public services through revisions to the Digital Economy Act, permitting the Government to share data about businesses that use public services. One of the ultimate intentions here is to eventually move to an electronic system for birth and death registrations, thus streamlining and developing efficiencies in this area. 

Strengthening The ICO

Under the Bill, the ICO (the UK’s data protection regulator) will receive enhanced regulatory powers, which will come alongside the clarification of data laws that are currently obstructing the safe development and deployment of new technologies. 

Who Will The Bill Affect?

The key businesses affected by the Bill will be those operating in the digital verification and identity sector, or users of these services (for example organisations in the financial services sector). The developments put forward by the Bill will act as a core foundation for establishing and regulating digital identity verification technologies within the UK.

The Smart Data Schemes proposed by the Bill will act as a legal backbone for data portability programmes, and will particularly be useful for those working in open banking through the enhancement of customer data with contextual ‘business’ data, thus improving decision making in the open banking landscape. 

Key Implications

If enacted in line with the Government’s announced intentions, the Bill will be a pivotal move for the UK’s data protection landscape, particularly in respect of its reforms around Digital Verification Service (the process of confirming an online identity). The King’s Speech indicated that the government estimates these reforms to produce £600 million in economic benefit annually. 

The Bill is intended to nurture and develop the implementation of digital technologies within the UK, thus boosting the UK’s reputation as a global leader in respect of technological development and related legislative provisions. Further developments and insights on the Bill will be revealed in the coming months and potentially-affected businesses should be alive to this evolution.

David Varney is Partner at independent UK law firm Burges Salmon  

Image: 

You Might Also Read: 

Taming Aggressive Algorithms:

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« Student Who Sold Cyber Attack Software Is Jailed
The CrowdStrike Incident Means Companies Must Review Their Cloud Strategies »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 8,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

NQA Certification

NQA Certification

NQA provides certification to a range of ISO standards including ISO 27001 for information security management.

National Cyber Directorate Israel

National Cyber Directorate Israel

The Israeli National Cyber Directorate provides incident handling services for civilian entities and critical infrastructures and works to increase national resilience against cyber threats.

Cologix

Cologix

Cologix provides reliable, secure, scalable data center and interconnection solutions from 24 prime interconnection locations across 9 strategic North American edge markets.

Computer Forensic Services

Computer Forensic Services

Computer Forensic Services are digital evidence specialists. Practice areas include Information Security, e-Discovery, Law Enforcement Support and Litigation.

Innovasec

Innovasec

Innovasec provide information security consulting and training services.

SECURITI.ai

SECURITI.ai

SECURITI.ai's PrivacyOps platform is a full-stack solution that operationalizes and simplifies privacy compliance using robotic automation and a natural language interface.

IP2Location

IP2Location

IP2Location provide services to identify geolocation by IP address, and to detect IP addresses associated with anonymous proxy servers, which are often used for fraud and spamming purposes.

Hunton Andrews Kurth

Hunton Andrews Kurth

Hunton Andrews Kurth LLP serves clients across a broad range of complex transactional, litigation and regulatory matters. Practice areas include Privacy and Cybersecurity.

Mobileum

Mobileum

Mobileum is a leading provider of Telecom analytics for roaming, security and risk management and end-to-end domestic and roaming testing solutions.

Apono

Apono

Apono enables DevOps and security teams to manage access to sensitive cloud assets and data repositories in a frictionless and compliant way.

Data Protection Commission (DPC)

Data Protection Commission (DPC)

The Data Protection Commission (DPC) is the national independent authority responsible for upholding the fundamental right of individuals in the EU to have their personal data protected.

Tailscale

Tailscale

Tailscale is a VPN service that makes the devices and applications you own accessible anywhere in the world, securely and effortlessly.

Silent Push

Silent Push

Silent Push maps all internet-facing infrastructure with searchable, advanced attributes, generating early indicators of potential threats that are tailored to your environment.

Eqlipse Technologies

Eqlipse Technologies

Eqlipse Technologies provides products and high-end engineering solutions to customers in the Department of Defense and Intelligence Community.

Avatar Managed Services

Avatar Managed Services

Avatar offers proven, process driven IT support to companies who want to utilize their technology to their best advantage.

Nagomi Security

Nagomi Security

Nagomi is changing the way security teams balance risk and defense, empowering customers to focus on what matters now.