Live COVID-19 Cases
  • World 354,771,406
    World
    Confirmed: 354,771,406
    Active: 67,475,362
    Recovered: 281,674,049
    Death: 5,621,995
  • USA 72,869,458
    USA
    Confirmed: 72,869,458
    Active: 27,242,096
    Recovered: 44,735,874
    Death: 891,488
  • India 39,543,328
    India
    Confirmed: 39,543,328
    Active: 2,249,287
    Recovered: 36,804,145
    Death: 489,896
  • Brazil 24,134,946
    Brazil
    Confirmed: 24,134,946
    Active: 1,659,612
    Recovered: 21,851,922
    Death: 623,412
  • France 16,800,913
    France
    Confirmed: 16,800,913
    Active: 6,211,015
    Recovered: 10,460,876
    Death: 129,022
  • UK 15,953,685
    UK
    Confirmed: 15,953,685
    Active: 3,394,801
    Recovered: 12,404,968
    Death: 153,916
  • Russia 11,173,300
    Russia
    Confirmed: 11,173,300
    Active: 801,197
    Recovered: 10,045,336
    Death: 326,767
  • Italy 10,001,344
    Italy
    Confirmed: 10,001,344
    Active: 2,709,857
    Recovered: 7,147,612
    Death: 143,875
  • Spain 9,280,890
    Spain
    Confirmed: 9,280,890
    Active: 3,562,883
    Recovered: 5,626,013
    Death: 91,994
  • Germany 8,808,107
    Germany
    Confirmed: 8,808,107
    Active: 1,417,492
    Recovered: 7,273,100
    Death: 117,515
  • China 105,660
    China
    Confirmed: 105,660
    Active: 2,754
    Recovered: 98,270
    Death: 4,636
Generic selectors
Exact matches only
Search in title
Search in content
Generic selectors
Exact matches only
Search in title
Search in content
open access symbol

BY Leo Hynett

Cybersecurity

Leaving GDPR Behind

Many months on we are slowly learning what Brexit means. In this case, it means no longer being governed by GDPR – but only if the government can come up with an agreeable alternative.

AUGUST 27  2021

Follow

The UK government is attempting to escape the grips of data protection regulations imposed by the EU which have been described as ‘too bureaucratic and overly prescriptive’. Britain has the opportunity to overhaul its privacy rules in the wake of Brexit and government officials are exploring what this could mean for the future of the UK’s data policy.

Oliver Dowden has said the change will ‘turbocharge the UK’s digital economy and allow data to be used more flexibly.’ For some, the idea of flexible use of their personal data is an unsettling one. Other internet users have rejoiced at the news and look forward to the internet being free of cookie popups.

The GDPR rules brought in by the EU in 2018 remain in place in the UK despite our exit, but it will be possible to break away from them if a new set of regulations can be drawn up. The UK government will not be entirely free to make their own rules though, ‘any changes will be constrained by the need to offer a new regime that the EU deems adequate, otherwise data transfers between the UK and EU could be frozen.’

Current UK rules already deviate mildly from typical European GDPR. The UK’s Data Protection Act of 2018 made some minor adjustments, including ‘a higher number of lawful bases for processing sensitive data.’ Whether the government’s new plan will involve more or less personal data sharing than current policy is yet to be seen.

 

Undergoing transformation

Coming up with a new set of rules won’t be easy, especially because they will need to still gain the approval of the EU. If the Brexit negotiations are anything to go by this will be a lengthy process. It is not only the EU that the UK needs to appease with these new regulations, the government has announced six target nations for adequacy agreements including the US, South Korea and Australia.

Creating new regulations will be a careful balancing act between decisions that benefit UK citizens and businesses whilst also continuing to act in the interests of the EU. If the government leans too far in either direction, criticism will be strong. There is equal potential for fresh tensions with the EU and public criticism, so the government must tread carefully.

‘A new information commissioner will be put in charge of overseeing the transformation. John Edwards, currently the privacy commissioner of New Zealand, has been named as the government’s preferred candidate to replace Elizabeth Denham, whose term in office will end on 31 October after a three-month extension.’

Elizabeth Denham has encouraged the pursuit of trust and transparency in the creation of these new plans. Eduardo Ustaran, a co-head of the global privacy and cybersecurity practice at the law firm Hogan Lovells, stated that ‘the protection of personal data around the world comes in different shapes and forms, but can still be effective,’ suggesting that the UK could be the first of many countries to create its own tailored privacy regulations.

The way the government has approached the public regarding these changes has been interesting, the focus has seemingly been on how much easier life will be without GDPR ‘box-ticking’ as opposed to exploring the potential security benefits.

 

Goodbye, cookie popups

Culture secretary, Oliver Dowden, said that the UK’s ‘freedom to chart its own course could lead to an end to irritating cookie popups and consent requests online’.

This is an odd way to look at the issue and has parallels with the concept of positive and negative liberty. Negative liberty is the absence of obstacles, whereas positive liberty is the freedom to make choices and take actions for oneself. This may be more familiar when phrased as ‘freedom to’ or ‘freedom from’ – something that has been recently popularised by Margaret Atwood’s The Handmaid’s Tale. In this story, people chose freedom from chaos and lost the freedom to make their own choices.

Framing the move away from GDPR as freeing people from ‘irritating cookie popups’ ignores the loss of freedom to choose how personal data is stored and used. It arguably also feels like a deliberate act of misdirection – by so loudly focusing on the benefits, the downsides can be swept under the rug. Cookie popups are admittedly irritating, but getting rid of them does not seem worth giving up the huge amount of protection offered by GDPR.

Privacy campaigners will undoubtedly be scrutinising the new regulations heavily as the UK attempts to ‘cement its position as a world leader in data.’

 

The end of mindless box-ticking?

Although the protections offered by GDPR are great, being prompted to set cookie preferences on every site we visit has led to many people simply ticking ‘accept all’ without reading what they have agreed to. Some argue that this has led to little meaningful protection for citizens and has potentially allowed companies to collect more data than before because the consumer has agreed to it.

Moving away from the current model and towards one that has stricter blanket rules on data gathering could result in better protection – and, yes, also remove those irritating cookie popups along with it.

Recommended for you

Modelling the Potential Consequences of Omicron

Analysing the impact mask-wearing has on Omicron hospital admissions, and whether the public’s choices can change the outcome.

Minesto: Revolutionising Ocean Energy

Minesto: Revolutionising Ocean Energy

Through their innovative tech, Swedish company Minesto leverages the power generated from underwater ‘kites’ as a source of renewable energy.

Trending