UK launches data reform to boost innovation, economic growth and protect the public

The Information Commissioner’s Office (ICO) is set for an overhaul to drive greater innovation and growth in the UK’s data sector and better protect the public from major data threats, under planned reforms announced by the Digital Secretary Oliver Dowden today. One year on from the publication of the National Data Strategy, the government has today launched a wide-ranging consultation on proposed changes to the UK’s data landscape. As part of this, a new governance model is planned for the ICO, including an independent board and chief executive to mirror…

Read More

New UK certification schemes will “raise the bar” of data protection in children’s privacy, age assurance and asset disposal

The Information Commissioner’s Office (ICO) has approved the first UK GDPR certification scheme criteria. Certification was brought in under the UK GDPR as a way to help organisations demonstrate compliance with data protection rules and, in turn inspire trust and confidence in the people who use their products, processes and services. Certification works by providing a framework for organisations to follow, which offers clients and customers assurance that they are adhering to strong standards. Organisations with expertise in a particular area can develop scheme criteria. The ICO has approved the…

Read More

ICO consults on how organisations can continue to protect people’s personal data when it’s transferred outside of the UK

The Information Commissioner’s Office (ICO) has launched a public consultation on its draft international data transfer agreement (IDTA) and guidance. When organisations send personal information to a country outside the UK, they must ensure people’s data protection rights continue to be protected. An IDTA is a contract that organisations can use when transferring data to countries not covered by adequacy decisions. The IDTA will replace the current standard contractual clauses (SCCs) to take into account the binding judgment of the European Court of Justice in a case commonly known as…

Read More

New guidance on direct marketing and the public sector from ICO

The Information Commissioner’s Office (ICO) has published a new resource to help public sector organisations understand when the direct marketing rules will apply to their messages. The guidance is aimed at those responsible for data protection within public sector organisations. Direct marketing is broad and covers all types of advertising or marketing that is directed at individuals. It involves any type of communication including emails, text messages, direct messaging on social media and more traditional methods such as phone calls and post. It includes commercial marketing (eg the promotion of…

Read More

New toolkit launched to help organisations using AI to process personal data understand the associated risks and ways of complying with data protection law

Alister Pearson, the ICO’s Senior Policy Officer – Technology has put out a blog on their website which introduces a new beta version of their AI and Data Protection Risk Toolkit. He explains how it can assure organisations that use AI to process personal data that they are processing it in line with the law and how organisations can help the ICO shape a final version. “Understanding how to assess compliance with data protection principles can be challenging in the context of AI. From the exacerbated, and sometimes novel, security…

Read More