January 18, 2022

Volume XII, Number 18

Advertisement
Advertisement

January 18, 2022

Subscribe to Latest Legal News and Analysis
Advertisement

The UK Adopts Data Protection Act 2018

Having received Royal Assent on May 23, 2018, the UK Data Protection Bill is now an Act of Parliament.

The Data Protection Act 2018 (the “Act”) implements the General Data Protection Regulation (“GDPR”) and replaces the UK Data Protection Act 1998.

Notable provisions that make use of the ability of Member States to implement different measures from the GDPR are as follows:

  • Section 9 of the Act sets out the age of consent in relation to information society services at 13 years old, instead of 16 years old.
  • Exemptions from certain rights and obligations set out in the GDPR when it comes to certain criminal and immigration matters, for example, as well as for reasons of freedom of expression and information (e.g., for journalistic, academic, artistic, literary purposes), among a number of other diverse areas.

The Act also sets out that the Information Commissioner’s Office will be the supervisory authority in the UK for the purposes of the GDPR, and as such, is given certain powers under the Act to investigate and enforce its provisions, among other duties.

© 2022 Covington & Burling LLPNational Law Review, Volume VIII, Number 145
Advertisement
Advertisement
Advertisement
Advertisement
Advertisement
Advertisement

About this Author

Daniel Cooper, Data privacy lawyer, Covington Burling
Partner

Daniel Cooper advises clients on information technology regulatory issues, particularly data protection, e-commerce and data security matters.

According to the latest edition of Chambers UK (2018), his "level of expertise is second to none, but it's also equally paired with a keen understanding of our business and direction." In 2017, it was noted that "he is very good at calibrating and helping to gauge risk."

+442070672020
Advertisement
Advertisement
Advertisement