Well, shock horror, the UK has changed its mind again - this time with data laws. Say hello to the Data Protection and Digital Information Bill (which rolls off the tongue like a GDPR compliance policy read backwards.)
So what’s changed? Quite a bit and it’s a bit of a mixed bag. Think: new-found freedoms for charities and analytics… and a potential hellscape for inboxes and post boxes everywhere.
The good bits (yes, there actually are some!)
1. Charities can breathe again
Gone are the days where a small charity couldn’t email its supporters without a 42-page consent form, a blood sample, and a signed policy from a data officer. Under the new rules, they’ll be able to carry out "legitimate interest-based activities” a bit more freely, meaning they can do their jobs without tripping over red tape every 5 minutes. Having watched many of our third sector clients lose most of their historic marketing data for GDPR purposes, I’m pleased to know they’ll be back out spreading the message of what they do to people who legitimately want to know (but just didn’t fill the right form in).
2. Cookie banners might chill out
Yes, I’m bored of them too. The banners that pop up on every site like an overzealous nightclub bouncer? “Do you accept cookies? Are you SURE? How about these ones? Click here. And here. And here. Where are you going?”
Well, under the new law, sites might not need to ask for consent just to run basic analytics. That’s right: tracking visits without interrupting someone’s entire user journey might be legal again. For me this makes the most sense, anonymous usage tracking is not hurting anyone. Of course we should require consent for ads and personal data sharing, but does anyone really care that your anonymous page view has been tracked?
The bits I’m not so happy about…
1. Guess who’s back, back again… Direct Marketing
The new rules open the doors even wider for companies to claim “legitimate interest” when sending you junk mail, spammy texts, or that all-important 20%-off voucher for patio furniture you never asked for. Basically, if you ‘might’ buy their product or service – that’s now legitimate interest. Sure it is.
2. The “public safety” loophole
One of my favourite authors is George Orwell. 1984 a personal favourite. This one scares me.
Buried deep in the bill is a clause that lets the government process personal data for the broadly defined reasons of “public interest and safety.” Which is fine if we’re talking about national emergencies and terrorism of course… less fine if it becomes a convenient excuse for overreach.
“War is peace. Freedom is Slavery. Ignorance is strength” … right?
Is it progress?
Honestly? Yes, but with a side of caution. I always thought the old rules went a little too far anyway, especially anonymous use tracking.
For organisations like charities and non-profits, this is a relief. It dials down the bureaucracy and lets them talk to people who want to help. And for digital teams stuck in cookie consent hell, this could mean simpler tracking, better insights, and less faffing around.
But (and it’s a big but) I’m not thrilled about opening the floodgates to marketing free-for-alls and grey-area government data grabs.
As always, the devil is in the (increasingly flexible) details.