UK Data Protection law is changing