Protecting personal data online is a challenge facing all governments in the digital era. The issue hit the headlines early in 2018 when whistleblower Christopher Wylie revealed that the Cambridge Analytica firm had harvested data from more than 80 million Facebook accounts, including over a million people based in the UK.
This policy is a promise to legislate to strengthen people’s rights regarding the use of personal data.
You’ve probably noticed the effects of new European-wide rules on data protection which came into effect in May 2018 – all those emails asking you to update communication preferences. Those rules changed because of the General Data Protection Regulation (GDPR), which applies to all EU member states.
Also in May 2018, our government passed the Data Protection Act 2018, which enshrines in UK law the changes required by the GDPR. The provisions included in the Data Protection Act meet all the criteria laid out in this policy:
- the ability to require major social media platforms to delete information
- the ability to access and export personal data
- an expectation that personal data held should be stored in a secure way
“An individual’s right to erasure is particularly relevant if they gave their consent to processing when they were a child.”
That interpretation of the right to delete personal data offers extra protection for children.
There are three statements of intent in this policy, all of which required legislation. The combination of the GDPR and the Data Protection Act have introduced significant new rights in all three areas. Whether the law offers effective protection is an argument to be had elsewhere, but for our purposes this policy is ‘done’.
Dig in to the data