Britons could win the “right to be forgotten” online under new privacy laws aimed at tackling the data held by social media giants, it has been revealed.
Under the proposed Data Protection Bill, set to be debated in the autumn, people will be able to ask social media platforms like Snapchat, Facebook and Twitter to delete information they posted as children.
The new powers will also require users to give explicit consent for their information to be collected online, rather than firms relying on pre-selected tick boxes.
Companies who break the new rules could face fines of up to £17 million, the Press Association reported.
The legislation will:
- Allow people to ask for their personal data held by companies to be erased.
- Enable parents and guardians to give consent for their child’s data to be used.
- Expand the definition of personal data to include IP addresses, internet cookies and DNA.
- Make it easier and free for individuals to require an organisation reveal the personal data it holds on them.
- Create new criminal offences to deter organisations from intentionally or recklessly creating situations where someone could be identified from anonymised data.
The legislation will bring current EU regulation into domestic law, helping Britain prepare for life post-Brexit.
The Information Commissioner’s Office will also be given significantly tougher powers, with the maximum fine it can levy being increased from £0.5m to £17 million, or 4% of a firm’s global turnover.
The bill, which was announced in the Queen’s Speech, will be introduced in Parliament when MPs and peers return from the summer break in September.
Digital Minister Matt Hancock said: “Our measures are designed to support businesses in their use of data, and give consumers the confidence that their data is protected and those who misuse it will be held to account.
“The new Data Protection Bill will give us one of the most robust, yet dynamic, set of data laws in the world.
“It will give people more control over their data, require more consent for its use, and prepare Britain for Brexit.
“We have some of the best data science in the world and this new law will help it to thrive.”
Julian David, chief executive of industry body techUK, said implementing the GDPR regulations in full “puts the UK in a strong position to secure unhindered data flows once it has left the EU, and gives businesses the clarity they need about their new obligations”.
However, speaking on BBC Radio 4′s Today programme this morning, CEO of Oxford Information Labs Emily Taylor said it was still unclear how the new laws would work in practice.
Taylor, who is also the editor of the Journal of Cyber Policy, told the show: “While powers have been increased for users, it remains to be seen how they will be implemented because most people just click ‘I agree’.
“It’s hard to untangle bits of data from a very complex and long-running array of data.”
Shadow culture secretary Tom Watson said that while the government’s action mirrors Labour’s manifesto commitment to allow young people to remove content shared on the internet, the party would be watching closely over the legislation.
“As we are leaving the EU it is more important than ever that we have a robust data protection framework fit for the future,” he said.
“We’ll be scrutinising the bill carefully to make sure it creates that future proof framework.”