Government to replace GDPR with 'British data protection system': What could it mean for small businesses?

Government to replace GDPR with 'British data protection system': What could it mean for small businesses?
Dan Martin
Dan MartinDan Martin Content & Events

Posted: Wed 5th Oct 2022

A new data privacy regime will be introduced in the UK to replace the European Union's General Data Protection Regulation (GDPR), the government has announced.

GDPR, the rules organisations need to follow when managing personal data, is still in force in the UK despite Brexit.

But speaking at the Conservative Party conference in Birmingham, culture secretary Michelle Donelan said the "bureaucratic nature" of GDPR is "limiting the potential of our businesses".

She claimed that in a survey conducted by the Department for Digital, Culture, Media and Sport, 50% of businesses complained "that the EU's mainly one-size-fits-all GDPR system had led to excessive caution amongst their staff when handling data".

She described as "mad" letters to the government from churches saying they were worried that newsletters were breaching data protection rules.

Small businesses don't have the resources to navigate GDPR, Donelan claimed, so the government intends to replace "GDPR with our own business and consumer friendly British data protection system".

She added:

"Our new data protection plan will focus on growth, on common sense, on helping to prevent losses from cyber attacks and data breaches, while also protecting data privacy.

"This will allow us to reduce the needless regulation and business-stifling elements, while taking the best bits from other countries, to create a truly bespoke, British system of data protection."

The government has previously said it intended to reform data protection regulations in the UK. Measures were included in the Data Reform Bill, announced in the May 2022 Queen's Speech, but the debate for the Bill's second reading in Parliament was scrapped when Liz Truss become prime minister.

What could the GDPR replacement mean for small businesses?

The government has not yet provided any further detail on how the new data privacy regime would work but some experts have expressed concern that it could actually add extra bureaucracy for small businesses, particularly for those handling personal data from the EU.

Samantha Oakley, Enterprise Nation member and founder of So Law, said:

"It has taken years for small businesses to get a grip on GDPR and how to implement it. After navigating some choppy waters, we have finally hit some calm waters.

"However, this announcement feels like we are being tossed back out there with the unintended consequences of small businesses having to incur more legal costs to ensure compliance, at a time when they are facing a cost of living crisis!

"Although cutting red tape sounds good on the face of it, small businesses have invested a lot of time and money getting GDPR compliant. As EU GDPR relates to EU citizens in the UK and selling goods/services in the EU, UK businesses with customers in the EU will likely still have to be compliant with the current laws - so it risks a more expensive two tier system."

Raj Shah from law firm Collyer Bristow added:

"There is a real risk that these plans, if implemented, could invalidate the UK's 'adequacy' decision by the EU agreed as part of the Brexit deal. If that were to happen, transferring personal data between the UK and any EEA country would require reams of additional documentation and higher administration costs."

Relevant resources

Dan Martin
Dan MartinDan Martin Content & Events
I'm a freelance content creator and event host who helps small businesses and the organisations that support them. I'm also Enterprise Nation's Local Leader for Bristol. I have 20 years of experience as a small business journalist having interviewed hundreds of entrepreneurs from famous names like Sir Richard Branson and Deborah Meaden to the founders behind brand new start-ups. I've worked for a range of leading small business publications and support groups, most recently as head of content at Enterprise Nation where I was responsible for the prolific output of content on the company's blog and social media. I now freelance for Enterprise Nation as the website's news reporter and as the host of the Small Business sessions podcast. I'm based in Bristol where I run and host regular events with the local small business community in my role as Enterprise Nation's Local Leader for Bristol. I also have strong connections with other major business organisations in the south west region. In total, I've hosted over 100 events including conferences with an audience of hundreds for international brands like Xero and Facebook and live web chats from inside 10 Downing Street. With my partner, I co-run Lifestyle District, a lifestyle blog focused on culture, art, theatre and photography.

You might also like…

Get business support right to your inbox

Subscribe to our newsletter to receive business tips, learn about new funding programmes, join upcoming events, take e-learning courses, and more.