Information Commissioner's Office
Blog: ICO regulatory sandbox
Work begins on creating ICO Sandbox short list as application period closes
Applications for the ICO Sandbox have now closed and we have had a fantastic response, with 64 submissions received in total.
Organisations have clearly put a good deal of thought into how they want to work with us to help ensure that their innovative projects using personal information can comply with data protection law.
Our initial analysis suggests that there are many high quality, viable applications. There was also an interesting spread of applicants from different sectors and of varying size.
So what happens now?
The sandbox team will carry out an initial triage sift process of each application, scoring them against our selection criteria, before creating a short list. This will then go before an internal assessment panel for final decisions.
We anticipate around 10 projects will be chosen for the initial beta phase of the sandbox, although this may vary slightly depending on the nature of the successful applications.
It is anticipated the successful applicants will be informed in July, when our team will work with them to draw up detailed plans for their journey through the sandbox.
So we have reached ‘the end of the beginning’ and now the real, practical work begins in earnest. However, the sandbox team would like to take this opportunity to thank all who participated in the initial discussions, round table events and conference feedback sessions and helped to inform how this exciting new project will work in practice.
Please get in touch with any Sandbox queries as deadline for applications approaches
As the deadline for applying to take part in the ICO’s Regulatory Sandbox is fast approaching, we thought this would be an opportune time to provide a quick update on progress to date and to identify any additional issues we have encountered during our recent engagement with prospective applicants.
Since we opened the beta phase of our sandbox for applications at the end of March, we have had a great response. Lots of people and organisations have contacted the dedicated sandbox team to talk things through and we had some great questions and feedback at the workshops we held at the ICO’s annual Data Protection Practitioners’ Conference in Manchester last month.
We are really keen to promote further dialogue. Our specialist staff are on hand, ready to talk to people and organisations who might be thinking of putting an application in or who are unsure about whether or not the sandbox will be right for their product or service. We can help explain the principles, the process and what is needed in more detail.
We are very excited by the potential of some of the projects being discussed with us and full, completed applications have already started coming in, which is great.
We would like to take this opportunity to remind prospective applicants that the sandbox is open to organisations of all sizes and from all sectors. They should be developing a new, innovative product or service which uses personal data and which will benefit the public, but which may have some data protection risk identified.
Applicants really need to spell out the innovation and public benefit of what they are doing. They should use straightforward language to explain why their product is something genuinely new and exciting, and how it will benefit people.
Evidence is also vital. This doesn’t need to be masses of information but if an application is supported by a claim regarding the problem the product or service seeks to solve, its unique nature or its potential benefit to the public, then there should information to back this up. The application should then join the dots and spell out how your innovation will address this.
So don’t be scared to email us in first instance at firstname.lastname@example.org or pick up the phone if you have already engaged with us. Early and direct engagement with the sandbox team can clear up any grey areas and will invariably lead to a stronger application. And that will lead to a potentially much better outcome for everyone concerned – the organisation, the ICO and, ultimately, the UK public.
The deadline for applications is noon on Friday 24 May.
Latest News from
Information Commissioner's Office
Blog: Adtech - the reform of real time bidding has started and will continue17/01/2020 16:25:00
A blog by Simon McDougall, ICO Executive Director of Technology and Innovation
National retailer fined half a million pounds for failing to secure information of at least 14 million people10/01/2020 13:25:00
The Information Commissioner’s Office (ICO) has fined DSG Retail Limited (DSG) £500,000 after a ‘point of sale’ computer system was compromised as a result of a cyber-attack, affecting at least 14 million people.
ICO launches consultation on draft direct marketing code of practice09/01/2020 09:10:00
The Information Commissioner's Office (ICO) has launched a public consultation on a draft direct marketing code of practice.
Blog: The benefits of sharing personal data – what can we learn from Open Banking?07/01/2020 13:20:00
The ICO’s Regulators’ Business Innovation Privacy Hub has recently been looking at the key data protection considerations for innovators who are working in the Open Banking space.
Trust, technology and slippers with torches02/01/2020 14:10:00
Jonathan Bamford holds up a tatty bundle of papers. They’re scrumpled, time worn, ripped and held together with yellowing Sellotape, but with the Royal coat of arms crown still proudly visible on the cover.
Statement on ICO-approved certification schemes23/12/2019 12:10:00
The ICO has announced it will be working with UK Accreditation Service (UKAS) to deliver the ICO-approved certification schemes.
London pharmacy fined after “careless” storage of patient data20/12/2019 14:25:00
The Information Commissioner’s Office (ICO) has fined a London-based pharmacy £275,000 for failing to ensure the security of special category data.
Blog: The Data Protection Fee: does your company need to pay?04/12/2019 10:10:10
Blog posted by: Paul Arnold, Deputy Chief Executive Officer/Executive Officer, 03 December 2019.
Blog: ICO and The Alan Turing Institute open consultation on first piece of AI guidance03/12/2019 09:10:00
A blog aimed at data scientists, app developers, business owners, CEOs or data protection practitioners, whose organisations are using, or thinking about using, artificial intelligence (AI) to support, or to make, decisions about individuals, by Simon McDougall, Executive Director Technology and Innovation (02 December 2019).