To ask the Secretary of State for Digital, Culture, Media and Sport, whether he has held discussions with the Secretary of State for Exiting the European Union on his policy priorities after the UK leaves the EU in relation to (a) the requirement of the General Data Protection Regulation that children merit specific protection and (b) the regulation's other requirements; and if he will make a statement.
The EU and the UK both have an ambition to achieve high data protection standards globally. The UK demonstrated this commitment with the successful passage of the new Data Protection Act 2018, which implements and transposes the GDPR and Law Enforcement Directive respectively in UK law.
The Act received Royal Assent on 23 May. It further strengthens UK data protection standards, ensuring they are fit for the modern age, and implements in full the EU’s new data protection framework in UK domestic law. Our data protection laws will therefore be fully aligned with the EU’s at our point of exit.
In May 2018 the government published a presentation setting out this position. The presentation is available at https://www.gov.uk/government/publications/framework-for-the-uk-eu-partnership-data-protection.
The government recognises children need particular protection when their personal data is collected and processed as they may be less aware of the risks involved. The GDPR offers clear protection of children’s privacy and privacy notices must be written in a way that children are able to understand. Organisations that process children’s data must ensure that they use a data protection by design and default approach.