This explains the relationship between the Bill and the GDPR, detailing the additional areas the proposed new legislation covers. It also includes links to the ICO’s GDPR and Law Enforcement pages and to a Data Protection Bill fact sheet.
When the General Data Protection Regulations (GDPR) come into effect next year there will no longer be a requirement to notify the Information Commissioner’s Office (ICO) as there is now.
There is a provision in the Digital Economy Act which means it will remain a legal requirement for data controllers to pay the ICO a data protection fee. These fees will be used to fund the ICO’s data protection work. As now, any money the ICO receives in fines will be passed directly back to the Government.
The new system will aim to make sure the fees are fair and reflect the relative risk of the organisation’s processing of personal data. The size of the data protection fee will still be based on the organisation’s size and turnover and will also take into account the amount of personal data it is processing. The final fees will be approved by Parliament before being put into place.
The European Commission has proposed new regulations that would limit the way companies track users on the internet.
Part of that plan would see the removal of website banners that provide disclaimers on cookie policies and instead have the user’s browser preferences automatically apply to each site they visit. In addition companies will need to get explicit consent from a user before being allowed to track their online activities.
If passed, the new rules will come into effect by May 2018.
The ICO has issued a £60,000 fine to Boomerang Video Ltd after it suffered a cyber attack. An investigation by the ICO found the Berkshire-based company failed to take basic steps to stop its website being attacked.
Melanie Dawes the Permanent Secretary of the Department for Communities and Local Government (DCLG) has sent a letter to owners, landlords and managers of private residential blocks in England.
DCLG are offering, private owners of residential buildings an opportunity to test cladding on blocks over 18 metres high through arrangements put in place with the Building Research Establishment (BRE).
These checks will be paid for by DCLG, and the information will be available to DCLG from BRE.
Where owners consider that they may have concerns about cladding on buildings over 18 metres high, there is a process to follow described in the letter.
The Fundraising Regulator has published guidance on processing personal data and consents relating to fundraising by charities to help them better understand their responsibilities in relation to donor consent, data protection and legitimate interests to be ready for the EU General Data Protection Regulation. The guidance can be found here.