On 1 March 2017, the UK government published its Digital
Strategy ("Strategy") for a "world-leading digital
economy that works for everyone.". The Strategy contains a
number of statements that bring some certainty to the direction of
regulation in the UK following its withdrawal from the European
Unlocking the data economy
The Strategy notes the opportunities presented through the use
of data analytics, artificial intelligence and the internet of
things. Noting a recent Information Commissioner's Office
study, which found that only one in four UK adults trust businesses
with personal data, a key aspect of the Strategy is to improve
public trust and confidence in the use of data, enabling the UK to
house a 'world-leading' data economy. To this end, the
Strategy confirms that the UK will implement the General Data
Protection Regulation by May 2018 ("GDPR"), ensuring a
"shared and higher standard of protection for consumers and
their data cross Europe and beyond." Businesses will also be
encouraged to adopt ethical frameworks for the use of data.
To further build public trust, the Strategy also announces a
review of existing data protection offences, and states that
stronger sanctions will be introduced for "deliberate and
negligent re-identification or anonymised data," with the
health care sector called out as an industry of particular focus.
This development highlights the importance of businesses developing
robust compliance structures that safeguard data, even once
The Strategy also notes that the UK government will seek to
ensure that data flows remain uninterrupted following the UK's
withdrawal from the EU.
The Strategy also addresses cyber security and identifies three
To defend the UK against cyber
To deter aggression against the UK,
including through taking offensive action in cyberspace if
To further develop the growing
The government identifies a number of methods of achieving these
outcomes, including using the GDPR to drive improvements in risk
management, expanding efforts within law enforcement agencies,
forming partnerships with industry and through the operations of
the National Cyber Security Centre.
In a time of uncertainty, the Strategy provides a glimpse of the
government's intention for future regulation in the UK.
Companies should use the following year to ensure their compliance
frameworks and systems adequately equip them for the challenges
The content of this article is intended to provide a general
guide to the subject matter. Specialist advice should be sought
about your specific circumstances.
To print this article, all you need is to be registered on Mondaq.com.
Click to Login as an existing user or Register so you can print this article.
The fourth and final part of our mini-series on the draft ICO guidance on Consent, published on 2 March 2017, focuses on the practical impact the GDPR (General Data Protection Regulation) will have on how your organisation records and manages consent.
In light of the much anticipated ICO draft GDPR (the General Data Protection Regulation) Consent Guidance being published yesterday, 2 March 2017, we will be running a mini-series on the guidelines under consultation and the impact the GDPR will have on the much vexed position of consent and the impact on your business.
The first of our four discussions on the ICO guidelines for Consent will focus on the meaning of consent under the GDPR (General Data Protection Regulation) and how this change enhances the previous law on consent to data processing.
Register for Access and our Free Biweekly Alert for
This service is completely free. Access 250,000 archived articles from 100+ countries and get a personalised email twice a week covering developments (and yes, our lawyers like to think you’ve read our Disclaimer).