Information Commissioner's Office
Blog: ICO regulatory sandbox
Discussion Paper and Intention to Apply Survey
In November we published an analysis of the call for views on our proposed regulatory sandbox. Since then, we have continued to develop the systems and processes necessary to launch a fully functioning beta phase of our sandbox, with the aim of opening for applications at the end of April.
We’ve had lots of questions about how our sandbox might work in practice and we know that organisations will be considering whether an application will be right for them.
With that in mind, we have published our sandbox discussion paper which explains to potential participants how we see the sandbox working in practice. The paper sets out our thinking so far - from early engagement through to application, sandbox entry and, ultimately, exit.
The paper will form part of the discussion at our sandbox workshop event in London on 6 February. This event is now fully booked but we would still welcome feedback on the project, including from any potential sandbox participants. We’ve included discussion questions throughout the paper and are asking people to send their views to firstname.lastname@example.org.
To help us plan our resources and build the sandbox appropriately, we are also now opening our ’Intention to apply’ survey. This will enable organisations to tell us in advance about any product or service that they might consider entering into the sandbox.
It is not an application – the full formal process will open later in the year – but will give us more of an idea about the numbers and types of formal applications we are likely to receive.
The survey will remain open until we open for applications and is entirely voluntary and non-binding. Click here to access the survey.
The sandbox is open to all sectors and all sizes of organisation, so whether public, private or third sector, a tech start-up or an innovation hub at a large established company or Government body, please do get in touch if you plan to use personal data in a new and innovative way.
Chris Taylor is a Head of Assurance at ICO working on the development of ICO's operational approach to Codes Of Conduct, Certification Schemes, Regulatory Sandbox and eIDAS.
Latest News from
Information Commissioner's Office
ICO fines Vote Leave £40,000 for sending unlawful text messages20/03/2019 09:10:00
The Information Commissioner’s Office (ICO) has fined Vote Leave Limited £40,000 for sending out thousands of unsolicited text messages in the run up to the 2016 EU referendum.
A call for participation: Building the ICO’s auditing framework for Artificial Intelligence19/03/2019 16:10:00
Blog posted by: Simon McDougall, 18 March 2019.
Two Birmingham workers fined for data protection breaches19/03/2019 12:20:00
Employees could face a criminal prosecution if they access or share personal data without a valid reason, the Information Commissioner’s Office has warned.
ICO raids businesses in Brighton and Birmingham suspected of making millions of nuisance calls13/03/2019 09:10:00
The Information Commissioner’s Office (ICO) has searched two addresses as part of an investigation into businesses suspected of making live and automated nuisance calls.
International Conference of Information Commissioners 201912/03/2019 09:10:00
Elizabeth Denham's opening address given yesterday to the International Conference of Information Commissioners.
Blog: Adtech fact finding forum shows consensus on need for change08/03/2019 16:20:00
There’s a well-quoted line from Steve Jobs, that as Apple CEO he didn’t employ smart people to tell them what to do, but so that they could tell him what to do.
Blog: Why the right of access to patient data needn’t be a headache for GPs08/03/2019 13:20:00
Blog posted by: Jovian Smalley, Group Manager – Engagement (Public Services), 07 March 2019.
Organisations should be doing more to achieve privacy accountability06/03/2019 09:10:00
The Global Privacy Enforcement Network's (GPEN) annual intelligence gathering operation looked at how well organisations have implemented the core concepts of accountability into their own internal privacy policies and programmes.