Data Protection Bill: Facebook, Google and other internet companies will be forced to let people control their own data

People will be able to find out what data companies are holding on them far more easily than ever before – and have it deleted

Andrew Griffin
Monday 07 August 2017 07:24 BST
Comments
(RAUL ARBOLEDA/AFP/Getty Images)

Your support helps us to tell the story

From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.

At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.

The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.

Your support makes all the difference.

Everyone will be given sweeping new powers to see what tech companies know about them and have it deleted, under a new bill.

The Data Protection Bill will make it far more easy for people to find out how companies are using their personal details, including their browsing history and even their DNA. And once they've seen it, it will also greatly increase the "right to be forgotten" – allowing people to make those companies delete that most personal of information.

The bill is intended partly to allow people to escape from their internet history when they become an adult, since companies like Facebook and Google will have to scrub everything that they posted when they were a child.

Companies that won't comply could be fined millions of pounds.

As well as giving people far more power in how their information is handled, it will also make companies be more up front about how it is collected. Companies won't be able to trick their customers by using pre-selected tick boxes that opt into tracking, for instance, and people will instead have to give their explicit consent.

The legislation will:

  • Allow people to ask for their personal data held by companies to be erased.
  • Enable parents and guardians to give consent for their child's data to be used.
  • Expand the definition of personal data to include IP addresses, internet cookies and DNA
  • Make it easier and free for individuals to require an organisation reveal the personal data it holds on them.
  • Create new criminal offences to deter organisations from intentionally or recklessly creating situations where someone could be identified from anonymised data.

The legislation will bring the European Union's General Data Protection Regulation (GDPR) into domestic law, helping Britain prepare for Brexit because it will mean the systems are aligned when the UK leaves the bloc.

The Information Commissioner's Office will be given significantly tougher powers, with the maximum fine it can levy being increased from £0.5m to £17 million, or 4% of a firm's global turnover.

The bill, which was announced in the Queen's Speech, will be introduced in Parliament when MPs and peers return from the summer break in September.

Digital Minister Matt Hancock said: "Our measures are designed to support businesses in their use of data, and give consumers the confidence that their data is protected and those who misuse it will be held to account.

"The new Data Protection Bill will give us one of the most robust, yet dynamic, set of data laws in the world.

"It will give people more control over their data, require more consent for its use, and prepare Britain for Brexit.

"We have some of the best data science in the world and this new law will help it to thrive."

Information Commissioner Elizabeth Denham said: "We are pleased the Government recognises the importance of data protection, its central role in increasing trust and confidence in the digital economy and the benefits the enhanced protections will bring to the public."

Julian David, chief executive of industry body techUK, said implementing the GDPR regulations in full "puts the UK in a strong position to secure unhindered data flows once it has left the EU, and gives businesses the clarity they need about their new obligations".

Additional reporting by Press Association

Join our commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies

Comments

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in