The difference between the DPB and the GDPR

Oh goodness, please defend us from acronyms.

OK, DPB = Data Protection Bill and GDPR = General Data Protection Regulation, so what is the difference?

The answer is just the shameless opportunism of politicians, and the current schism that festers regarding whether Europe is a good thing or not.

So, just to put things in context, as with most other laws over the last 40 or so years that have been developed in Brussels, the original UK Data Protection Act was based on guidelines from the EEC. Recognising the weaknesses in the original approach, partly due to emerging criminality, amazing products such as smart phones, and the new impact of social media, “Europe” decided that the whole process needed changing and beefing up, and also that it had to be a standard across all 28 Countries.

Rather than letting each Country interpret the original act and adopt their own legislation, they made it a universal “Regulation” so that there were no doubts and no exclusions, so everybody within Europe could exchange data knowing that there was a common methodology controlling the privacy of the individual. And one aspect was that you had to keep your data safely within the jurisdiction of European Courts.

Thus, whatever else you think of anything else emanating from Europe, this was excellent work, well-constructed, and giving a lead to the entire World.
But because of Brexit, the UK would potentially lose all the data sharing benefits that resulted from that work.

So what do we do? Well, the Government has announced their brave new dawn of the Data Protection Bill as if they have done all the work – with all the television interview opportunities and the standard BBC search for doubters who can “question” the result.

Of course the awareness that arose from all that is to be welcomed.

But do not be deceived, unfortunately the UK has not suddenly discovered an enthusiasm for protecting its citizens, nor a unique means of doing so. The DPB is simply and solely a plagiarised GDPR, hastily “announced” because in any event it will apply to the UK before we leave the Union, and if we allowed ourselves to lose the benefits that the regulation provides, it would probably cost the Country more dearly than if we lost all the banks from London.

Whatever other arguments exist for and against Europe, the protection of personal privacy should not be included in them. It is a global challenge that GDPR starts to provide a solution basis for – and it will be adopted internationally in a common form.

Adopting it wholesale into English Law was an act of common sense and self-preservation, and if our politicians want to claim the credit, well then ….. !