UK data and digital ID bill lauded ahead of parliamentary debate

The proposed Data (Use and Access) Bill represents an opportunity for the UK to embrace open finance in a way that has not been possible so far, empowering individuals and reshaping financial infrastructure, Lord Christopher Holmes writes in Finextra.

The Digital Information and Smart Data Bill was unveiled in the King’s Speech as a revival of most of the key concepts in the previous government’s failed Data Protection and Digital Information Bill, Holmes notes. Changes between those previous versions and the new Bill could be an attempt to head off concerns about “data adequacy,” or whether the EU will consider data protections equivalent to its own, he suggests.

Holmes applauds the continued push for “distributed” or decentralized digital ID, pointing out that 17 percent of Britons did not have a passport as of the last census, in 2011. By establishing a framework for digital identity verification, improving data sharing among National Health Service organizations and law enforcement, and boosting the economy with smart data, the Bill could drive major social and economic gains.

The House of Lords will take up the debate on November 19.

ICO sees benefits, room for improvement

Information Commissioner John Edwards has also welcomed the legislation, and traces its involvement in the legislative push back to a public consultation in 2021, prior to the introduction of the DPDI Bill.

“It allows us to continue to operate as a trusted, fair and independent regulator, whilst improving the way we operate,” writes Edwards. “The Bill maintains high standards of data protection and protects people’s rights and freedoms, whilst also providing greater regulatory certainty for organisations and promoting growth and innovation in the UK economy.”

The Bill would introduce changes to the way the ICO operates that will maintain its regulatory independence and help make it more accountable, Edwards argues. It would also help clarify for police how to navigate between the UK GDPR and the passages of the Data Protection Act specific to law enforcement, he says. As the trust framework for digital verification is developed, Edwards says the ICO will provide the government with advice on data protection considerations.

An annex with technical feedback makes suggestions for 17 of the Bill’s clauses, and expresses reservations that the importance of proportionality to necessity as a justification for processing personal data is not reflected in the current draft.

Edwards argues that a clause allowing the retention of biometric data of a subject found not guilty by reason of insanity in a non-UK jurisdiction should be clarified, given that such records could be expunged in England and Wales. He also seeks clarification on the retention of biometric data obtained in requests for assistance from Interpol.

Article Topics

Data (Use and Access) Bill (DUA)  |  data protection  |  digital ID  |  Information Commissioner’s Office (ICO)  |  legislation  |  regulation