Skip to content

UK – DCMS outlines plans to replace GDPR while retaining data adequacy

On 3 October 2022, the new Secretary of State of the Department for Digital, Culture, Media & Sport (DCMS), Michelle Donelan, announced plans to replace the EU GDPR with the UK’s own “business and consumer-friendly, British data protection system”.

The announcement opened Donelan’s speech to the 2022 Conservative Party Conference, which focussed on the Government’s plans to create more wealth and success through the tech, cyber, digital, creative, cultural and arts sectors.

According to Donelan, the proposed new system will:

  • aim to protect consumer privacy and keep consumer data safe, whilst retaining data adequacy so businesses can trade freely;
  • take account of  frameworks put in place by certain other countries, such as Israel, South Korea, Japan, Canada and New Zealand, which have managed to achieve data adequacy without having a system based on the GDPR; 
  • focus on growth and common sense, and aims to prevent losses from data breaches and cyber-attacks, reduce unnecessary “red tape” and “business-stifling” element, and adopt best practices from other countries to form a bespoke data protection system for the UK; and
  • not result in another wave of legislation on business but a simplification of complicated legislation that avoids the pitfalls of a one-size-fits-all system. 

It remains to be seen what this announcement means in practice and what impact it will have on the proposed UK Data Protection and Digital Information Bill that was published by DCMS in the summer. 

The ICO responded simply with the following short statement: “We are pleased to hear the Government’s commitment to protecting people’s privacy, preserving adequacy and simplifying data protection law.  We look forward to seeing further details, and stand ready to provide our advice and insight”.

Please read Michelle Donelan’s full speech here.

Related expertise