Information Commissioner's Office
Blog: ICO regulatory sandbox
Work begins on creating ICO Sandbox short list as application period closes
Applications for the ICO Sandbox have now closed and we have had a fantastic response, with 64 submissions received in total.
Organisations have clearly put a good deal of thought into how they want to work with us to help ensure that their innovative projects using personal information can comply with data protection law.
Our initial analysis suggests that there are many high quality, viable applications. There was also an interesting spread of applicants from different sectors and of varying size.
So what happens now?
The sandbox team will carry out an initial triage sift process of each application, scoring them against our selection criteria, before creating a short list. This will then go before an internal assessment panel for final decisions.
We anticipate around 10 projects will be chosen for the initial beta phase of the sandbox, although this may vary slightly depending on the nature of the successful applications.
It is anticipated the successful applicants will be informed in July, when our team will work with them to draw up detailed plans for their journey through the sandbox.
So we have reached ‘the end of the beginning’ and now the real, practical work begins in earnest. However, the sandbox team would like to take this opportunity to thank all who participated in the initial discussions, round table events and conference feedback sessions and helped to inform how this exciting new project will work in practice.
Please get in touch with any Sandbox queries as deadline for applications approaches
As the deadline for applying to take part in the ICO’s Regulatory Sandbox is fast approaching, we thought this would be an opportune time to provide a quick update on progress to date and to identify any additional issues we have encountered during our recent engagement with prospective applicants.
Since we opened the beta phase of our sandbox for applications at the end of March, we have had a great response. Lots of people and organisations have contacted the dedicated sandbox team to talk things through and we had some great questions and feedback at the workshops we held at the ICO’s annual Data Protection Practitioners’ Conference in Manchester last month.
We are really keen to promote further dialogue. Our specialist staff are on hand, ready to talk to people and organisations who might be thinking of putting an application in or who are unsure about whether or not the sandbox will be right for their product or service. We can help explain the principles, the process and what is needed in more detail.
We are very excited by the potential of some of the projects being discussed with us and full, completed applications have already started coming in, which is great.
We would like to take this opportunity to remind prospective applicants that the sandbox is open to organisations of all sizes and from all sectors. They should be developing a new, innovative product or service which uses personal data and which will benefit the public, but which may have some data protection risk identified.
Applicants really need to spell out the innovation and public benefit of what they are doing. They should use straightforward language to explain why their product is something genuinely new and exciting, and how it will benefit people.
Evidence is also vital. This doesn’t need to be masses of information but if an application is supported by a claim regarding the problem the product or service seeks to solve, its unique nature or its potential benefit to the public, then there should information to back this up. The application should then join the dots and spell out how your innovation will address this.
So don’t be scared to email us in first instance at firstname.lastname@example.org or pick up the phone if you have already engaged with us. Early and direct engagement with the sandbox team can clear up any grey areas and will invariably lead to a stronger application. And that will lead to a potentially much better outcome for everyone concerned – the organisation, the ICO and, ultimately, the UK public.
The deadline for applications is noon on Friday 24 May.
Latest News from
Information Commissioner's Office
Blog: Work on updating the ICO’s Journalism code continues10/05/2021 09:10:00
Blog posted by: Anulka Clarke, Acting Director of Regulatory Assurance, 07 May 2021.
Five things we learned from DPPC 202107/05/2021 15:20:00
The ICO’s Data Protection Practitioners’ Conference 2021 was held this week, bringing together more than 3,000 data protection professionals from across the country.
Data Protection Practitioners’ Conference 202105/05/2021 14:15:00
Elizabeth Denham’s speech at the Data Protection Practitioners’ Conference on 5 May 2021
Digital Regulatory Cooperation Forum’s response to DCMS on the future of the digital regulatory landscape05/05/2021 12:05:00
The Digital Regulatory Cooperation Forum (DRCF) has submitted its response to the Department of Digital, Culture, Media and Sport (DCMS) on the future of the digital regulatory landscape and how to achieve coherence in regulatory approaches across digital services.
Blog: Free advisory check-ups help small businesses make the best use of their data30/04/2021 16:25:00
A blog from Syed Ali, Lead Engagement and Regulatory Assurance Officer
Data protection is an enabler for trust and confidence in the implementation of digital identity systems23/04/2021 12:25:00
Blog posted by: Steve Wood, Deputy Commissioner (Executive Director, Regulatory Strategy), 22 April 2021.
How the ICO Innovation Hub is enabling innovation and economic growth through cross-regulatory collaboration21/04/2021 14:20:00
The COVID-19 pandemic has changed work for so many of us around the world; forcing innovation and new ways of working. And that’s just as true for regulators – we’ve had to adapt to develop new ways to support organisations.
Tribute to His Royal Highness The Duke of Edinburgh12/04/2021 14:10:00
Statement from Elizabeth Denham, Information Commissioner.