Small British businesses will no longer be required to have a data protection officer and fill out “lengthy impact assessments.”  Internet users will be given the option to opt-out rather than needing to opt-in for the collection of cookies — which track users around the internet. The government said the change will cut down on “the irritating boxes users currently see on every website”.

As Britain diverges from the bloc and faces legal action from Brussels for threatening the Northern Ireland protocol, Prime Minister Boris Johnson will have to balance apparent opportunities with the risk of jeopardizing a key deal signed last year guaranteeing data flows between the UK and the continent, which has a clause allowing for regular reviews.

A DCMS spokeswoman didn’t immediately respond to a request for comment on maintaining a “data adequacy” arrangement.

The bill also increases fines for the perpetrators of nuisance calls and texts, and says researchers will not need to be as specific about why they’re collecting data: they could rely on a previous consent for “cancer research,” rather than getting a new approval for their particular study, for instance.

The government will also be able to exert more control over the country’s data watchdog, the Information Commissioner’s Office. Culture Secretary Nadine Dorries will have to approve its statutory codes and guidance before they are presented to Parliament.