Google and Facebook could face fines stretching into billions of pounds if they breach users’ privacy under a new law.
The fines are part of the Data Protection Bill which the Government is introducing to give citizens more control over their data.
It will place new requirements on companies about how they are allowed to hold and use data on ordinary citizens.
In the case of the most serious breaches of these rules, it allows the data regulator, the Information Commissioner’s Office (ICO), to fine companies £17m or 4% of their global turnover, whichever is higher.
The fines for the largest companies which use individuals’ data to sell advertisements, such as Google and Facebook, could stretch to billions of pounds.
Neil Brown, a solicitor at Decoded Legal, a law firm specialising in digital laws, told Sky News “it was unlikely that the regulator will go anywhere near the top level very quickly”.
“Other corrective powers – including the power to ban a company from processing data – are likely to be the regulator’s first port of call,” Mr Brown said.
The proposals include:
:: Allowing people the “right to be forgotten” online
:: Individuals can ask social media platforms to delete information they posted when they were children
:: People must give explicit consent for personal information to be collected online
:: People can ask for personal data held by companies to be deleted
:: It will be easier and free for people to get organisations to reveal the personal data they hold
:: New criminal offences will be created to deter companies from creating situations where someone can be identified from anonymised data
:: The definition of personal data will be expanded to include internet cookies and IP addresses
The law will also require social media platforms to delete information on children and adults when asked to, and will mean that default “opt-out” checkboxes will become a thing of the past.
Instead of people ticking the box to not receive marketing emails, they will now need to “opt-in” and give explicit consent to be contacted for those purposes.
Mr Brown said that by outlawing ‘consent by silence’ and pre-ticked boxes, and requiring companies to separate out requests for consent from general terms and conditions, consumers should be far better informed about when, and for what, they are being asked for consent.
Matt Hancock, minister of state for digital, said the law was designed to support businesses in their use of data, and give consumers the confidence that their data is protected and that those who misuse it will be held to account.
Elizabeth Denham, who heads the ICO, said her office was “pleased the Government recognises the importance of data protection”.
The bill is designed to bring one of the EU’s widely supported General Data Protection Regulations into British law, giving the Brussels-based law new footing in Westminster.
Mr Brown said: “Having a law which is consistent with the EU framework will be essential if Brexit goes ahead, so this announcement is very promising.
“However, questions are likely to be asked by the European Commission and others about the UK’s surveillance powers and whether they afford sufficient privacy protections.”
more recommended stories
What is the metaverse, why does Facebook want in and how will it work?
The term “metaverse” seems to be.
Facebook whistleblower; Frances Haugen reveals Facebook prioritised growth over safety
A former Facebook whistleblower responsible for.
Facebook, Instagram And Messenger Are Back Online
Facebook, Instagram and Messenger are back.
Facebook, Instagram, WhatsApp and Messenger down
WhatsApp, Instagram and Facebook have all.
Instagram is pausing work on Instagram Kids following recent backlash
Facebook plans to make an “Instagram.
Lithuania tells citizens to bin Chinese mobile phones over censorship concerns
Government report claims censorship software on.
Instagram is DOWN for frustrated users around the world
Instagram appears to be down for.
PayPal launches crypto buying and selling in UK
PayPal Holdings Inc will allow customers in.