LONDON (Reuters) – Britain will set out a new data protection regime on Friday that diverges from EU regulations, which it says will ease the burden of compliance on businesses and reduce the number of annoying cookie pop-ups that plague consumers online.
In return the EU recognised Britain’s standards – a process called adequacy – that enabled the seamless flow of data to continue.
The European Commission (EC) said in August “it would closely monitor any developments to the UK‘s rules”, adding that adequacy could be suspended, terminated or amended if changes resulted in an unacceptable level of protection.
For example, the bill will remove the need for small businesses to have a Data Protection Officer and to undertake lengthy impact assessments, it said, with a privacy management programme used to the same end.
It will also include tougher fines for firms hounding people with nuisance calls.
Britain said the EC had itself made clear that adequacy decisions did not require countries to have the same rules.
“This is good news for data flows between the EU and the UK, as these more modest reforms mean the EU Commission is less likely to revoke the UK’s adequacy finding, which would have caused significant disruption,” he said.
(Reporting by Paul Sandle; Editing by Nick Zieminski)