Thursday 23 Jul 2020 @ 14:48
Information Commissioner's Office
Printable version

Blog: ICO regulatory sandbox

First reports published from the Regulatory Sandbox.

The first reports from participants in our regulatory sandbox have been published, revealing the outcomes of collaborations between the ICO and two of the organisations who were among the participants in the pilot phase of the scheme.

This beta phase set out to road test’ the scheme ahead of a full launch. We were seven months in when the pandemic struck, impacting businesses and organisations across the board in different ways.

As a result some of our participants were unable to continue working in the same way – so we worked flexibly with them to rescope their work with us. For some projects we have agreed extensions, and others have continued as planned and are now nearing the natural end of their projects

JISC and Heathrow Airport Ltd reports mark the first steps towards achieving the aim of the sandbox: to show that data protection can be combined with real world innovative solutions. 

When we launched the scheme in September 2019, we were extremely encouraged by the calibre and number of applications we received (63) from a broad range of sectors. The ten programmes that were selected, were chosen because they were viable and because of the real public benefit they could deliver through ground breaking products and services.

What was heartening for us was the fact that so many organisations wanted to work with us to prioritise data protection and incorporate it into their ideas from the outset. It was clear that both public and private sectors wanted to adopt a data protection by design approach – a cornerstone of the GDPR.

These are the first two reports, the other projects from the beta phase are at earlier stages in the scheme and their reports will be published on completion.

JISC – Wellbeing Code of Practice

JISC is a not-for-profit organisation serving the higher and further education and skills sectors. It champions the importance and potential of digital technologies for UK education and research.

Within the sandbox, JISC has developed a Wellbeing Code of Practice with universities and colleges who want to investigate the use of student activity data to improve their provision of student support services.

Helping them protect both their privacy and wellbeing.

It shows that good data protection can enable higher education providers to provide their duty of care to students by using the resources and data they already have available to them.

Heathrow Airport Ltd – Automation of the Passenger Journey programme

Heathrow Airport’s Automation of the Passenger Journey programme aimed to streamline the passenger journey by using biometrics. Facial recognition technology would be offered at check-in, self-service bag drops and boarding gates to create a seamless experience for passengers travelling through the airport. Passengers would no longer have to present different forms of documentation, such as boarding cards and passports, at different points in their journey to prove their identity and show that they are authorised to travel.

Review

This first phase of the sandbox has been a beneficial experience for all parties, in our March blog we provided an update which reviewed progress made and the positive experiences of participants.

They have gained an insight into how data protection does not hinder innovation and how the two can work together. By working alongside us, they have also been able to help develop our views on compliance issues which have informed our own advice and guidance.

The ICO sandbox team has, in turn, expanded its understanding of how it can support organisations that are striving to innovate in a world where technology is moving at a fast pace and people are increasingly aware of their privacy rights.

This successful trial run, has given us the opportunity to introduce improvements ahead of the full launch. We will be publishing details about this, the new themes we will be focusing on and how organisations can register their interest in the near future.

In the meantime, we are always keen to hear from you and if you have any enquiries please contact sandbox@ico.org.uk

Click here for the full blog post

 

Channel website: https://ico.org.uk/

Original article link: https://ico.org.uk/about-the-ico/news-and-events/news-and-blogs/2020/07/first-reports-published-from-the-regulatory-sandbox/

Share this article

Latest News from
Information Commissioner's Office

ICO statement on Upper Tribunal ruling

25/04/2024 14:10:00

The Upper Tribunal has ruled on our action to require Experian Limited to change how it handles people’s personal data, dismissing our appeal of the First-tier Tribunal’s ruling of 20 February 2023.

ICO fines two companies a total of £340,000 for making aggressive and unwanted marketing calls

24/04/2024 15:20:00

The Information Commissioner’s Office (ICO) has fined Cardiff-based Outsource Strategies Ltd (OSL) £240,000 and London-based Dr Telemarketing Ltd (DRT)£100,000 after the companies made a total of almost 1.43 million calls to people on the UK’s “do not call” register, the Telephone Preference Service (TPS).

Housing association reprimanded for exposing personal information on online portal

19/04/2024 14:10:00

We have issued a reprimand to Clyde Valley Housing Association in Lanarkshire after personal information was accessible to other residents on an online customer portal. 

ICO publishes guidance to improve transparency in health and social care

16/04/2024 09:10:00

The Information Commissioner’s Office (ICO) is supporting health and social care organisations to ensure they are being transparent with people about how their personal information is being used.

Information Commissioner’s Office seeks views on accuracy of generative AI models

12/04/2024 12:25:00

The Information Commissioner’s Office (ICO) has launched the latest instalment in its consultation series examining how data protection law applies to the development and use of generative AI.

ICO joins global data protection and privacy enforcement programme

04/04/2024 15:20:00

The Information Commissioner’s Office (ICO) has signed onto a new international multilateral agreement with the Global Cooperation Arrangement for Privacy Enforcement (Global CAPE) to cooperate in cross-border data protection and privacy enforcement.

ICO sets out priorities to protect children's privacy online

04/04/2024 09:10:00

The Information Commissioner’s Office (ICO) is calling on social media and video-sharing platforms to improve their data protection practices so children are safer when using their services. 

ICO publishes new fining guidance

19/03/2024 09:10:00

The Information Commissioner’s Office has published new data protection fining guidance setting out how it decides to issue penalties and calculate fines.

ICO reprimands Dover Harbour Board and Kent Police over information sharing

18/03/2024 10:20:00

The Information Commissioner’s Office (ICO) has issued reprimands to Dover Harbour Board and Kent Police after they breached data protection law.