Plans for new data protection rules in the UK have been confirmed in the Queen’s Speech.
They will give young people the right to demand social networks delete any personal data they had shared prior to turning 18.
The Queen said the UK would retain its “world-class” data protection regime.
The proposed Data Protection Bill will reflect plans described in the Conservative Party manifesto ahead of the general election in June.
In a document further detailing its plans, the government said its key priorities were:
- ensuring data protection rules were “suitable for the digital age”
- “empowering individuals to have more control over their personal data”
- giving people the “right to be forgotten” when they no longer wanted a company to process their data – providing there were no legitimate grounds for a company retaining the data
- modernising data processing procedures for law enforcement agencies
- allowing police and the authorities to “continue to exchange information quickly and easily with international partners” to fight terrorism and other serious crimes
The government also said it would implement the General Data Protection Regulation – new EU data protection rules due to come into force in 2018.
It said the new UK bill would ensure the country met its obligations while a member of the EU, and would help the UK maintain its “ability to share data with other EU members states and internationally after we leave the EU”.
The new bill will replace the Data Protection Act 1998.
Responding to the speech, a spokesman for the technology industry trade body techUK said: “We support the government’s commitment to maintain the UK’s world-class protection of people’s personal data. This will include implementing the General Data Protection Regulation, the biggest transformation of data protection rules in a generation.”
The announcement was also welcomed by Nick Taylor, managing director at business consultancy Accenture Strategy.
“This new data protection law is the news that many companies have been waiting for to accelerate their GDPR programme and make it a concrete part of their business,” he said.
“Companies now have certainty that they will have to comply with tougher rules, and this gives them the incentive, and need to get their GDPR programme right.”