Having received Royal Assent on May 23, 2018, the UK Data Protection Bill is now an Act of Parliament.

The Data Protection Act 2018 (the “Act”) implements the General Data Protection Regulation (“GDPR”) and replaces the UK Data Protection Act 1998.

Notable provisions that make use of the ability of Member States to implement different measures from the GDPR are as follows:

  • Section 9 of the Act sets out the age of consent in relation to information society services at 13 years old, instead of 16 years old.
  • Exemptions from certain rights and obligations set out in the GDPR when it comes to certain criminal and immigration matters, for example, as well as for reasons of freedom of expression and information (e.g., for journalistic, academic, artistic, literary purposes), among a number of other diverse areas.

The Act also sets out that the Information Commissioner’s Office will be the supervisory authority in the UK for the purposes of the GDPR, and as such, is given certain powers under the Act to investigate and enforce its provisions, among other duties.

We will continue to monitor UK data protection developments, in particular the activities of the ICO, and will provide further updates.

Print:
EmailTweetLikeLinkedIn
Photo of Dan Cooper Dan Cooper

Daniel Cooper heads up the firm’s growing Data Privacy and Cybersecurity practice in London, and counsels clients in the information technology, pharmaceutical research, sports and financial services industries, among others, on European and UK data protection, data retention and freedom of information laws…

Daniel Cooper heads up the firm’s growing Data Privacy and Cybersecurity practice in London, and counsels clients in the information technology, pharmaceutical research, sports and financial services industries, among others, on European and UK data protection, data retention and freedom of information laws, as well as associated information technology and e-commerce laws and regulations. Mr. Cooper also regularly counsels clients with respect to Internet-related liabilities under European and US laws. Mr. Cooper sits on the advisory boards of a number of privacy NGOs, privacy think tanks, and related bodies.