GDPR vs. the Data Protection Act; the Main Differences

IAAF Service Member, Xecutive Search, has provided a summary of the main differences between the new GDPR legislation and the existing Data Protection Act.

The imminent introduction of the Europe-wide General Data Protection Regulation (GDPR) will usher in a new era of enhanced data protection standards when it comes into effect in May 2018.

The introduction of GDPR represents the most significant shift in data security standards for several decades, and yet many businesses across the country remain largely unaware of its implications, and how the new rules will differ from the existing UK Data Protection Act.

Although many of the underlying principles remain the same, the fact remains that GDPR’s scope is far more comprehensive and wide-reaching, meaning businesses will need to amend their data protection policies accordingly – or potentially face serious consequences.

The basics
On a basic level, the GDPR is designed as a direct replacement for the Data Protection Act, which was introduced in 1995 as a UK equivalent to the EU’s 1995 Data Protection Directive.

Affecting all UK companies that collect or process personal information on EU citizens, the new laws are intended to help protect the privacy and rights of individual consumers, giving data subjects more clearly delineated rights regarding what data is held about them, how it can be used, and when it should be deleted.

Although the new law reduces the overall number of principles from eight to six, the revamped regulations will be much broader in scope than the existing ones, handing the consumer greater control over their own personal data, and imposing harsh penalties on organisations that fail to comply. It’s also worth remembering that the laws apply to any company holding data on EU citizens, regardless of where they are based; as such, their continued relevance will not be affected by the UK’s departure from the EU, which is why the British government is working to enshrine them in UK law post-Brexit.

Key differences
Given the broad-based impact of GDPR and the speed at which the deadline for compliance is approaching, it’s essential that every company takes the time to consider the key differences between the new and old rules.

  • Geographic reach and scope: The previous European Data Protection Directive utilised much more of a light-touch approach than GDPR, setting out aims and requirements for data protection standards that were then implemented through national legislation, such as the UK’s Data Protection Act. By contrast, GDPR is a binding piece of regulation, which will be legally enforceable as soon as it comes into effect on May 25th, and will apply to all EU nations and every company holding data on EU citizens.
  • Definition of personal data: GDPR will expand the definition of “personal data” to include a much wider range of consumer information. Whereas the Data Protection Act only pertains to information used to identify an individual or their personal details, GDPR broadens that scope to include online identification markers, location data, genetic information and more.
  • Consent policies: This is one of the defining differences between GDPR and the Data Protection Act. Under the old rules, data collection does not necessarily require an opt-in, but under GDPR clear privacy notices must be provided to consumers, allowing them to make an informed decision on whether they consent to allow their data to be stored and used. This consent can then be withdrawn at any time.
  • Data breach policies: With the current rules in place, businesses are under no obligation to report when data breaches occur, although they are encouraged to do so. This will change with the advent of GDPR, with any future breaches having to be reported to the relevant authorities within 72 hours of the incident.
  • Accountability: GDPR will place a much greater focus on explicit accountability for data protection, placing a direct responsibility on companies to prove they comply with the principles of the regulation, rather than the hands-off approach of the Data Protection Act. This means firms will need to commit to mandatory activities such as staff training, internal data audits and keeping detailed documentation if they wish to avoid falling foul of the GDPR rules.
  • Data protection governance: The Data Protection Act does not stipulate how the governance of data security functions should be allocated, requiring only a basic commitment to the concept from management. GDPR will change this, as any company employing more than 250 people will be mandated to appoint a dedicated data protection officer, as will any firm processing more than 5,000 subject profiles annually.
  • Penalties and compensation: Currently, non-compliance with the Data Protection Act can see companies fined up to £500,000, or one per cent of annual turnover. Under GDPR, these limits will rise significantly to €20 million, or four per cent of annual turnover, whichever is higher. It is also worth remembering that GDPR will allow individuals to claim compensation for material and non-material damage resulting from data security lapses, whereas the current rules only cover material damage.

Business action
The scope of these changes underlines the need for companies to move fast to adjust their data protection policies to account for GDPR, if they have not already done so.

This includes carrying out a thorough audit of current data usage practices and policies, with staff training and HR reviews conducted to make sure everyone is up to speed with the new rules. Documentation should also be comprehensively collated to make sure that compliance with GDPR rules can be demonstrated when needed.

By taking these steps, companies can make sure they maintain their status as trusted custodians of private data beyond May 2018.

Your Comments

UK pay-per-mile road charging proposed for lorries

The Government is considering a pay-per-mile road charging system for HGVs, as ministers seek to incentivise hauliers into making the most efficient use of the UK’s road network.

Speaking on Radio 4 just before Christmas, Transport Minister Chris Grayling said rather than penalising HGV drivers, charging lorries based on distance travelled and types of road used would create a level playing field with foreign haulage firms.

“Our hauliers often complain that a continental trucker comes in with a tank full of lower duty diesel, spends several days working in the country, goes away again and pays nothing towards the use of the roads”, Grayling said.

“We already have a system in place that provides some limited contribution, but we’re now consulting the industry.”

The consultation over HGV road pricing is set out in a Department for Transport (DfT) document, which stresses the Government’s intention is “not to raise more money from hauliers” but to “better support wider Government objectives”, such as improving air quality.

The Transport Secretary made clear any possible pay-per-mile charging system for cars was not coming “in the foreseeable future”. The increasing popularity of electric cars means revenue from fuel duty is likely to fall over coming years, however.

The main objectives given for the reform of the HGV Levy are to:

  • reward hauliers that plan their routes efficiently
  • incentivise efficient use of roads
  • improve environmental performance, including air quality and carbon emissions

The consultation ends on 26 January 2018. To read the DfT consultation document and submit a response CLICK HERE.

Your Comments


New car CO2 emissions rise for the first time in 14 years

An anti-diesel agenda has resulted in new car CO2 emissions rising for the first time in 14 years as people make the switch to petrol, recent research suggests.

Department for Transport figures show that the average new car sold in 2017 produces more CO2 than one sold in 2016, reversing a continuous decline in emissions of the greenhouse gas since the figures were first published by the Government in 2003.

The rise has been attributed to the drop in sales of diesel cars which are generally more efficient, and produce less CO2, than an equivalent petrol model. After recent tax rises, the threat of widespread inner city charges for older diesel cars and new findings about the harmful effects of fumes, diesel sales have declined by 16% so far this year.

Official Government statistics for the first 10 months of 2017 show that the average new car produces 121.1g of CO2 per kilometre. The full annual figure is on course to exceed the 120.3g/km recorded last year. It ends a 14-year trend of falling CO2 emissions, which have declined by 4.02g/km annually since 2003.

The information is based on data on new car registrations, collected by the Driver and Vehicle Licensing Agency (DVLA).

Car manufacturers are under pressure to meet an EU target of cutting average car CO2 emissions across the industry to 95g/km by 2021, but the recent backlash against diesel has damaged their strategy of meeting the target by selling more efficient diesel cars.

Although sales of new electric and hybrid cars have increased by 35% in 2017, this only represents an extra 28,611 cars compared with 2016. The number of new diesel cars sold has fallen by more than 190,000.

A Department for Transport spokesman said: “We will seek to maintain ambitious targets and our leadership position, and intervening firmly if not enough progress is being made.

“Our ambitious Clean Growth Strategy includes investing nearly £1.5 billion in accelerating the roll-out of ultra-low emission vehicles by 2020 – generating business opportunities and leading to cleaner air and lower greenhouse gas emissions.”

Your Comments

Banner Batteries celebrates 80th anniversary

Banner Batteries ended 2017 on a double high; in addition to 2017 marking the 80th anniversary of its foundation in 1937, the company has witnessed the 80 millionth battery roll off its Austrian production line.

And whilst Banner’s current owners, descendents of the company’s founder, Artur Bawart, are understandably delighted to mark such important milestones, they remain committed to developing the business through an ambitious and ongoing investment programme.

Over the last six years Banner Batteries has invested over €50 million in developing its main manufacturing plant, located in Leonding, having allocated an additional €15 million to an ongoing, capacity enlargement project.

This high level of investment has not only been used to further increase the capacity available for the manufacture of environment-friendly start-stop batteries, but also the start-up of a fully automated high-bay warehouse with around 10,000 additional pallet spaces.

As Andreas Bawart, Banner’s commercial chief executive officer states: “Further investments are in the pipeline in order to ensure that we achieve our future target of 20 per cent sales revenue growth, which will also see a double-digit increase in the size of the workforce.”

Andreas Bawart, commercial chief executive officer (right) and Thomas Bawart, technical chief executive officer

For its last financial year, the Banner Batteries Group saw the sale of starter batteries reach a record of 4.5 million.

Something that Andreas attributes to the success of “the long-term cooperation and partnerships Banner enjoys with its customers and suppliers.”

Andreas added: “Start-stop batteries from Banner make a decisive contribution to the environmental compatibility of motor vehicles.

“In the 2016/17 financial year alone, they provided fuel savings of around 66 million litres and a reduction in CO2 emissions of some 164,000 t.”

Banner is working systematically on the next lead-acid battery generation for e-vehicles offering low fuel consumption which still have the requirement for a reliable energy source.

With sales of full-hybrid or purely electric drive systems predicted to remain extremely modest, Banner will continue to focus on the start-stop segment in which it is regarded as one of Europe’s leading suppliers.

Andreas continued: “At present, we have several development projects in progress, which are targeted on an additional improvement in start-stop battery efficiency.

“The aim is to enhance power intake and output via perfected cell design, active mass additives and targeted design measures.”

Banner will also continue to develop its well-established recycling loop, which today enjoys the highest recovery ratio of all the recyclable goods on the market and which means that lead-acid batteries from Banner represent an exemplary resource-protective and sustainable product.

Banner started to recycle used batteries 50 years ago and the materials obtained are treated and reintroduced to the production chain in the form of new products.

Your Comments

Euro Car Parts develops VIEWMECH workshop video system

Euro Car Parts has launched its own video platform for repairers, which sends a short video explaining what additional repair work is needed to a customer’s vehicle. The VIEWMECH workshop video system, has been rolled out across the Euro Car Parts’ network, with early adopters reporting up to 25% more work conversions thanks to the straight-forward advisory upselling process.

When a technician identifies additional, urgent or advisory work, VIEWMECH enables them to film a short video and then send it via a text message link to a branded customer landing page. On average, the text messages are opened within two minutes, speeding up quote approval times for repairers.

The Sign Up Kit includes an Apple iPod Touch to run the VIEWMECH app and film the videos. Users can choose from two monthly subscription packages. Basic, which includes up to 25 video uploads a month, and Premium, which includes up to 150 uploads.

Matt Smith, owner of Bridge Autos in Halifax, has already invested in the technology. When asked about VIEWMECH, he said: “We find that sending personalised videos to our customers has a significant impact on the number of additional jobs that we convert. Our customers really appreciate the transparency and it helps them to understand any vehicle issues more easily. The feedback has been fantastic!”

The app works in conjunction with a dashboard, where the repairers can review the videos, add a quote and any notes before sending it to the customer and tracking how many views it has had. There’s a VRM look-up facility to confirm the make and model of the vehicle and each technician has their own profile, making the whole customer experience even more personalised.

Martin Gray, CEO of Euro Car Parts, said: “65-70% of franchised dealers are using personalised customer video software, but until recently the cost has been prohibitive for most independent repairers. VIEWMECH disrupts the market and puts this tool in the hands of the independents.”

He continued: “We are very excited about VIEWMECH’s potential to enhance the professionalism of independent repairers, increase transparency, build trust and improve customer service. As well as boosting revenue, it can increase customer retention and help win new business. It is exactly the kind of affordable solution the sector needs.”

Your Comments

VW UK extends scrappage scheme

Volkswagen UK is extending its successful Scrappage Upgrade scheme into 2018, further encouraging the switch to its latest generation, lower-emission new cars.

Almost 5,000 older diesel vehicles that comply with pre-Euro 5 emissions legislation, and registered before 2010, have already been removed from the road since the scheme was launched in the UK in September. Now, the incentive will run until 2 April 2018 – with deliveries of qualifying new vehicles to be completed by 30 June 2018.

The Volkswagen Scrappage Upgrade scheme means customers of qualifying vehicles are able to trade in their cars in exchange for incentives – ranging from £1,800 to £6,000 – against the majority of new Volkswagen models. The trade-in vehicle needs to have been owned by the customer for at least six months.

Alison Jones, director of Volkswagen UK, said, ‘We have already seen thousands of older cars taken off the road as UK drivers step into one of our new, lower emission, Volkswagens. All new Volkswagen petrol and diesel cars meet the latest Euro 6 emissions standards.’

Your Comments

Credit card surcharges

IAAF members should note that from 13 January 2018, businesses will be unable to charge consumers a debit or credit card surcharge in most instances.

EU rules. On 13 January 2018 the Payment Services Regulations 2017 will be amended to enable the requirements of the Second EU Payment Services Directive to be enshrined into UK law. From this date, new provisions in the Regulations will ban businesses from charging retail consumers a debit or credit card fee, or surcharge, in addition to the advertised price of a transaction (in most instances). The UK has also decided to extend this ban to all e-money account transactions, such as PayPal.

Business cards. Whilst there have been reports that state all card surcharges are now banned, this isn’t true. Where a payment is made by a business using a “commercial payment instrument”, the Regulations do not apply. This will include situations where a director or an employee uses a company-issued credit card to make a purchase, e.g. to book travel. In these situations, a surcharge can be applied but it must be limited to a fee not exceeding that incurred by the trader. They must also be able to prove these costs.

Applies to all. There is no small business exemption – the amended Regulations apply to all businesses regardless of their size. That said, certain types of contract are excluded from the Regulations; these include where a consumer is purchasing health, gambling or banking services, immovable property, foodstuffs and certain other goods for household consumption in specified circumstances.

Tip. The government has issued updated guidance on the new rules that apply to surcharges. If you are caught by them, download and read it as soon as possible.

Commercial transactions are not covered by the ban – a surcharge can still be added. However, it must not exceed the actual costs the trader incurs when accepting the payment method.

Your Comments