At the point at which the Conservative Party’s manifesto was written, data protection in the UK was regulated by the Data Protection Act 1998. However, this law was considered insufficient to provide adequate protection of personal information in the internet age.
To modernise the regulation of data protection in the UK, the new Data Protection Act (DPA) 2018 was introduced. This goes hand in hand with the General Data Protection Regulation (GDPR) which sets EU-wide standards for the processing of personal data. Moreover, the new DPA covers aspects of data protection which are UK-specific and go beyond the scope of the EU law.
The new DPA received Royal Assent on 23 May 2018. As a consequence, the GDPR will remain enshrined in law after Brexit and UK data protection is now regulated by a new data protection law. Arguments can still be had about whether the DPA ensures the “very best standards” and is “ethical and proportionate”, but a new law was promised and has been delivered – this policy is ‘done’.
Love the detail?