Telephone iconCall UsTelephone icon0333 0146 683
Our opening hours
Chevron left icon
Knowledge centre

The small business guide to the Data Protection Bill 2017

3-minute read

The small business guide to the Data Protection Bill 2017
Josh Hall

Josh Hall

29 December 2017

Facebook iconTwitter iconLinkedIn icon

The Data Protection Bill 2017 marks the introduction of a raft of new measures intended to give consumers more control over their data – and it has huge implications for small businesses.

Here, we’ll explain some of the contents of the Bill, and what they could mean for SMEs.

Get your free guide to the data protection bill 2017

Download your free in-depth guide to the data protection bill for small businesses. Get instant access to expert hints and tips in the click of a few buttons.

Your email address will be used by Simply Business to keep you posted with the latest news, offers and tips. You can unsubscribe from these emails at any time. Simply Business Privacy policy.

Remember, this article is just an overview and you should conduct your own thorough research. Always seek professional advice if you're unsure about your legal responsibilities.

What is the Data Protection Bill 2017?

The Data Protection Bill is a new set of laws designed to bring the existing Data Protection Act up to date. The old Act hasn’t been updated since 1998 and since then the definitions and uses of personal data have changed significantly.

The Bill, which comes into force in 2018, will also write into UK law new EU rules known as the General Data Protection Regulations (GDPR). The UK is introducing the changes in order to retain equivalence with the EU after Brexit and to ensure that data can be moved between the UK and EU after this date, but the Data Protection Bill 2017 also goes further in its requirements of social media companies.

What is GDPR?

The General Data Protection Regulations (GDPR) is a set of new EU rules governing the use of personal data. It is a major update to the law in this field, and has implications for businesses of every size. Read more in our comprehensive guide to GDPR for small business.

What does the Data Protection Bill 2017 mean for small businesses?

The Data Protection Bill includes a range of measures intended to broaden the scope of protection for personal data. For a full guide to the changes coming in 2018, it’s recommended that you read the introduction to GDPR above.

The Bill includes measures in the following areas:

- Definitions. The definition of personal data will be broadened significantly when compared with the 1998 rules, in order to include new types of data. For example, ‘personal data’ will now include cookies, IP addresses, and even individuals’ DNA.

- Consent. Currently, it is common for businesses to force users to opt out of being added to mailing lists, for example by clicking a checkbox. From next year, consent will have to be given explicitly before details are collected. Furthermore, consent can be withdrawn at any time.

- Right to be forgotten. If your small business collects data on consumers, you will need to provide ways for them to contact you and ask for it to be removed. Consumers will receive more power over the ways in which their information is held and wiped.

- Processing. If your business automates the processing of data in any way, for example data collected through job applications, you will have to rethink this from next year. As a result of the Data Protection Bill, individuals will have the right to insist that their data is processed by a human, rather than automatically – a potentially huge change for businesses of every size.

- Portability. Consumers will also receive the right to move their data easily and without hindrance between companies and providers.

- New offences. Finally, and perhaps most importantly for businesses, the penalty regime for data offences is changing significantly. As a result of the new laws, businesses could be in receipt of fines of up to £17 million, or four per cent of their turnover, for offences under the Act. In addition, two new criminal offences are being created: one for when individuals are re-identified from anonymous data, and a second for data tampering.

What are the implications of the Data Protection Bill 2017 for your business? Let us know in the comments below.

Is your business insured?

We have 800,000 UK policies plus a 9/10 satisfaction score. Why not take a look at our expert business insurance options - including public liability insurance and professional indemnity - and run a quick quote to get started?

Start your quote

We create this content for general information purposes and it should not be taken as advice. Always take professional advice. Read our full disclaimer

Find this article useful? Spread the word.

Facebook icon
Twitter icon
LinkedIn icon

People also liked

Landlords could be targeted in new Capital Gains Tax raid.

19 November 20202-minute read

Landlords could be targeted in new Capital Gains Tax raid

Landlords could be hit by another massive tax raid, as the Office of Tax Simplification outlines its recommendations for an overhaul of…

Read more

Keep up to date with Simply Business. Subscribe to our monthly newsletter and follow us on social media.

Subscribe to our newsletter


Popular articlesBusiness resources from FarillioGeneral businessGuestInsuranceLandlordLandlord resources from FarillioLegal and financeMarketingNewsOpinionProperty maintenanceTradesmanCovid-19 business support hub


6th Floor99 Gresham StreetLondonEC2V 7NG

Sol House29 St Katherine's StreetNorthamptonNN1 2QZ

© Copyright 2021 Simply Business. All Rights Reserved. Simply Business is a trading name of Xbridge Limited which is authorised and regulated by the Financial Conduct Authority (Financial Services Registration No: 313348). Xbridge Limited (No: 3967717) has its registered office at 6th Floor, 99 Gresham Street, London, EC2V 7NG.