UK citizens to get new and "robust" data protection laws

Data protection in the UK is getting an overhaul, with the European Union's current General Data Protection Regulation (GDPR) being brought into UK law. 

The proposals will see citizens entitled to the "right to be forgotten" which will prevent companies from storing and using lifetime amounts of data from its users.

This will enable people to "have more control over their data" and "require more consent for use" according to Digital Minister Matt Hancock.

"The new data protection bill will give us one of the most robust, yet dynamic, sets of data laws in the world," Hancock commented.

RELATED STORIES

• Royal Free hospital breached data protection in deal with Google's DeepMind

• The 7 riskiest countries to store business data

• Can Fintech rescue City of London jobs after Brexit?

"Our measures are designed to support businesses in their use of data, and give consumers the confidence that their data is protected and those who misuse it will be held to account."

Currently, maximum fines for data security breaches for firms stands at £500,000 ($650,000) but that figure is set to rise to £17mn ($22mn) or 4% of global turnover thanks to the EU's GDPR.  

Included in the bill is the proposal to make it easier and simpler for users to withdraw their consent for their data to be used, as well as expanding the definition of personal data to include IP addresses, DNA and cookies.

It will also require companies to obtain explicit consent when processing sensitive personal data, whilst users will be able to ask for their data to be deleted.

GDPR is due to come into effect in May 2018 and the UK government has already confirmed that it will continue to meet its standards after departing the EU.