People in the UK will soon be able to get social media giants to delete their embarrassing posts
New legislation’s proposals will make it easier to control the use of personal data
British consumers will be able to request that their data is erased and to ask social media giants like Facebook to delete embarrassing posts under new data protection legislation.
The law, which will enshrine the European Union’s General Data Protection Rule (GDPR), is intended to give the public more control over what happens with their personal data – including the “right to be forgotten.”
Plans to update the country’s data protection laws were announced in a statement of intent on Monday. Digital Minister Matt Hancock said that the new law would support U.K. businesses and consumers alike.
“Our measures are designed to support businesses in their use of data, and give consumers the confidence that their data is protected and those who misuse it will be held to account,” Hancock said in a statement on Monday.
The digital minister added that the law would prepare the country’s data protection rules for Britain’s departure from the European Union.
“The new Data Protection Bill will give us one of the most robust, yet dynamic, set of data laws in the world. The Bill will give people more control over their data, require more consent for its use, and prepare Britain for Brexit,” he said.
A legal expert told CNBC last month that U.K. businesses would still be forced to comply with the EU’s data sharing rules.
“Brexit won’t change how consumer data is handled in the U.K. - there won’t be any reduction of rights or protection,” Stewart Room, a legal expert on data protection at professional services firm PwC, told CNBC in July.
“Data protection law has never before been so specific and directly prescriptive about what is expected of data controllers and processors. Organisations will be required to be much more transparent with consumers about what they’re doing with their data, even before they collect it and if something goes wrong.”
Firms that don’t comply with the policy could face hefty fines. The current maximum fine companies can incur for breaching data protection laws is £500,000 (US$652,500).
Proposals included in the bill would:
•Make it simpler to withdraw consent for the use of personal data
•Allow consumers to request for the deletion of their data
•Let parents and guardians give consent for their child’s data to be shared
•Expand the definition of ‘personal data’ to include things like IP addresses and internet cookies (data which is stored when you browse the internet)
The legislation would also create new criminal offences for organisations that “either intentionally or recklessly” allow users to be identified from encrypted data.
“We are pleased the government recognises the importance of data protection, its central role in increasing trust and confidence in the digital economy and the benefits the enhanced protections will bring to the public,” Elizabeth Denham, information commissioner said in a statement.