A Data Reform Bill to allow the UK to reform its data protection regime and depart from EU rules has been announced.

The government has said it wants to use Brexit as an opportunity to replace “very complex” data protection laws inherited from the European Union.

The bill, included in the Queen’s Speech, would be used to reform the General Data Protection Regulation (GDPR) and data protection law, which the government describes as complex and currently encourages “excessive red tape “.

The government said the bill would seek to streamline data protection laws and reduce red tape, reducing the burden on businesses by creating a more flexible and results-oriented approach ‘rather than tick-box exercises while introducing clearer rules regarding the use of personal data.



I imagine we would see more pruning than root and branch reform, but hopefully we won’t wait too long to find out

Rafi Azim-Khan, Data Privacy Officer at Pillsbury Law Firm

Full details of the proposals have yet to be released, but it has been reported that as part of the reforms, web cookie consent banners that appear when visiting a website could be removed.

The government said the changes would help make British businesses more competitive and boost the economy.

The proposals also include plans to modernize the Information Commissioner’s Office, the UK’s data watchdog, to ensure it has the capacity and powers to take tougher action against organizations that violate data rules.

Rafi Azim-Khan, head of data privacy at law firm Pillsbury, said the government’s data reform plans were unsurprising, but warned of a significant departure from privacy law. EU, which could jeopardize the UK’s EU Data Adequacy Decision, which recognizes the UK’s post-Brexit data protection standards and allows the continued flow of data between the two.

“There’s been a lot of talk about the UK reforming its data laws, so it’s by no means a thunderbolt,” he said.

“I think there will still be quite a bit of nervousness on the part of companies in the weeks to come.

“Any significant deviation from the GDPR would not only mean further compliance efforts, but also a potential risk to the UK’s decision on EU data adequacy.

“I imagine we would see more pruning than root and branch culling, but hopefully we won’t wait too long to find out.”