The Data Protection Bill [Exemptions from GDPR] was introduced to the House of Lords on 13 September 2017
*current status April 6, 2018* Report Stage House of Commons — dates, to be announced
- Progress of the Data Protection Bill [HL] 2017-19 [web link]
- Access to amendments [link]
- Written evidence submitted in Committee Stage House of Commons at end of page [link – then scroll]
- Introduction page [link] 14.9.2017
- Data Protection Bill (HL Bill 66) [web link]
- Data Protection Bill (HL Bill 66) [PDF] 832KB, 218 pages
- Keeling Schedule [link] 751 kB, 75 pages [original HOL]
- The ICO policy pages and briefing notes on ICO website
Debates
Dates for all stages of the passage of the Bill, including links to the debates.
EU GDPR Progress Overviews
Updates of GDPR age of consent mapping: Better Internet for Kids
Bird and Bird GDPR Tracker [Shows how and where GDPR has been supplemented locally, highlighting where Member States have taken the opportunities available in the law for national variation.]
ISiCo Tracker (Site in German language) with links.
UK Data Protection Bill Overview
- Data Protection Bill Explanatory Notes [PDF], 1.2MB, 112 pages
- Data Protection Bill Overview Factsheet [PDF], 229KB, 4 pages
- Data Protection Bill Impact Assessment [PDF], 123KB, 5 pages
The General Data Protection Regulation
The General Data Protection Regulation [PDF] 959KB, 88 pages
Related Factsheets
- General Processing Factsheet, [PDF], 141KB, 3 pages
- Law Enforcement Data Processing Factsheet [PDF], 226KB, 3 pages
- National Security Data Processing Factsheet [PDF], 231KB, 4 pages
These parts of the bill concern the function of the Information Commissioner and her powers of enforcement
- Information Commissioner and Enforcement Factsheet [PDF] 223KB, 4 pages
- Data sharing code of practice [PDF]
GDPR possible derogations
Source credit Amberhawk: Chris Pounder
Member State law can allow modifications to Articles 4(7), 4(9), 6(2), 6(3)(b), 6(4), 8(1), 8(3), 9(2)(a), 9(2)(b), 9(2)(g), 9(2)(h), 9(2)(i), 9(2)(j), 9(3), 9(4), 10, 14(5)(b), 14(5)(c), 14(5)(d), 17(1)(e), 17(3)(b), 17(3)(d), 22(2)(b), 23(1)(e), 26(1), 28(3), 28(3)(a), 28(3)(g), 28(3)(h), 28(4), 29, 32(4), 35(10), 36(5), 37(4), 38(5), 49(1)(g), 49(4), 49(5), 53(1), 53(3), 54(1), 54(2), 58(1)(f), 58(2), 58(3), 58(4), 58(5), 59, 61(4)(b), 62(3), 80, 83(5)(d), 83(7), 83(8), 85, 86, 87, 88, 89, and 90 of the GDPR.
Other relevant significant connected legislation
- The Police and Crime Directive [web link]
- EU Charter of Fundamental Rights – European Commission [link]
- The proposed Regulation on Privacy and Electronic Communications [web link]
- Draft modernised convention for the protection of individuals with regard to the processing of personal data (convention 108)
Data Protection Bill Statement of Intent
- DCMS Statement of Intent [PDF] 229KB, 4 pages
- Letter to Stakeholders [PDF] 184KB, 2 pages 7 Aug 2017
Other links on derogations and data processing
- On Adequacy: Data transfers between the EU and UK post Brexit? Andrew D. Murray Article [link]
- Two Birds [web link]
- ICO legal basis for processing and children [link]
- Public authorities under the Freedom of Information Act (ICO) Public authorities under FOIA 120160901 Version: 2.2 [link]
- ICO information for education [link]
Blogs on key issues [links in date of post]
- Amberhawk
- DP Bill’s new immigration exemption can put EU citizens seeking a right to remain at considerable disadvantage [09.10] re: Schedule 2, paragraph 4, new Immigration exemption.
- On Adequacy: Draconian powers in EU Withdrawal Bill can negate new Data Protection law [13.09]
- Queen’s Speech, and the promised “Data Protection (Exemptions from GDPR) Bill” [29.06]
- defenddigitalme
- Response to the Data Protection Bill debate and Green Paper on Online Strategy [11.10.2017]
- Jon Baines
- Serious DCMS error about consent data protection [11.08]
- Eoin O’Dell
-
The UK’s Data Protection Bill 2017: repeals and compensation – updated: On DCMS legislating for Art 82 GDPR. [14.09]
-
Data Protection Bill Consultation: General Data Protection Regulation Call for Views on exemptions
- New Data Protection Bill: Our planned reforms [PDF] 952KB, 30 pages
- London Economics: Research and analysis to quantify benefits arising from personal data rights under the GDPR [PDF] 3.76MB 189 pages
- ICO response to DCMS [link]
- ESRC joint submissions on EU General Data Protection Regulation in the UK – Wellcome led multi org submission plus submission from British Academy / Erdos [link]
- defenddigitalme response to the DCMS [link]
Minister for Digital Matt Hancock’s keynote address to the UK Internet Governance Forum, 13 September [link].
“…the Data Protection Bill, which will bring our data protection regime into the twenty first century, giving citizens more sovereignty over their data, and greater penalties for those who break the rules.
“With AI and machine learning, data use is moving fast. Good use of data isn’t just about complying with the regulations, it’s about the ethical use of data too.
“So good governance of data isn’t just about legislation – as important as that is – it’s also about establishing ethical norms and boundaries, as a society. And this is something our Digital Charter will address too.”
Media links
14.09 BBC UK proposes exemptions to Data Protection Bill
Edits:
11.10.2017 to add links to the Second Reading in the House of Lords