Information Commissioner's Office
Blog: Information Commissioner sets out new priorities for UK data protection during COVID-19 and beyond
Blog posted by: Elizabeth Denham, Information Commissioner, 05 May 2020.
Last month, as the ICO set out its regulatory approach during the COVID-19 pandemic, I spoke of the importance of regulators applying their authority within the larger social and economic situation.
The document we published that day made clear what organisations can expect of us in the coming months.
My office’s role is to be both an enabler and a protector. We must reflect the requirements and reality of those we regulate, and engage on how data protection can enable innovation that can respond to the pandemic. And the onus is on us to provide that expertise and input at pace.
And we must also protect people’s privacy. We have always been clear of the importance of privacy protections, which are a part of modern life we must not lose.
I want to set out how we have reshaped our priorities for the coming months. My teams have been closely monitoring the current trends, recent complaints or requests for support. We have looked ahead to assess where and how we should narrow our focus on the areas we can have the greatest impact to protect the public interest and support economic growth and innovation:
Protecting the public interest: we are focused on the information rights issues that are likely to cause the most harm or distress to the largest number of citizens and businesses.
Enabling responsible data sharing: ensuring that data can be shared responsibly and with confidence for the public good, including responding to the risk arising from a failure to share.
Monitoring intrusive and disruptive technology: we are ensuring we protect privacy, while enabling innovation and supporting the economy.
Over the coming months our work is aligning to the following priorities:
1. Protecting our vulnerable citizens
We are responding to the immediate privacy and information rights risks, issues and opportunities presented by COVID-19 in order to support frontline workers and protect the public. We are identifying and taking action against those seeking to use or obtain personal data unlawfully or inappropriately during COVID-19 so that the public and businesses feel confident that the ICO is protecting them at this time when they may be especially vulnerable to financial or other loss
2. Supporting economic growth and digitalisation, including for small businesses
By providing access to clear information, support and practical tools for businesses they are able to grow and offer services safely when sharing personal data or developing AI technology, in ways which inspire public trust and confidence and comply with the law.
3. Shaping proportionate surveillance
We are maintaining a high level of awareness and insight of the medium term privacy and information rights impact of COVID-19, which include contact tracing, testing and other emerging surveillance issues.
4. Enabling good practice in AI
We are prepared and shaping the ongoing development and use of AI in response to COVID-19, to ensure privacy considerations are engineered into the use of AI across the digital economy, from consumer products to surveillance applications.
5. Enabling transparency
We are supporting organisations to be transparent about decisions taken that affect citizens, including how personal data is used, in order to improve public confidence about and civil participation in those decisions.
6. Maintaining business continuity: developing new ways of working in readiness for recovery
We are effectively managing and coordinating activity during the pandemic, supporting staff and managing our own response and recovery so that our infrastructure, planning, resources and people are in place to deliver the right work, at the right time, throughout the pandemic period and we are prepared for the future.
While this means some ICO projects are being paused, we will still be maintaining our statutory functions, including dealing with complaints, and investigating data breach reports, as we set out previously.
And we’ll be making decisions about how quickly, and when, those projects will resume when the post-pandemic economic landscape becomes clearer over the coming months.
The ICO has reshaped its priorities for the coming months. We have considered the current landscape and looked ahead to assess where and how we should narrow our focus on the areas we can have the greatest impact to protect the public interest and support economic growth and innovation.
Elizabeth Denham was appointed UK Information Commissioner on 15 July 2016, having previously held the position of Information and Privacy Commissioner for British Columbia, Canada.
Latest News from
Information Commissioner's Office
ICO approves the first UK eIDAS Regulations Qualified Trust Service Provider28/07/2021 09:10:00
The Information Commissioner’s Office has approved GlobalSign as the UK’s first qualified trust service provider [QTSP] under the UK eIDAS Regulations.
ICO's blog on its information rights work26/07/2021 16:20:00
Colleagues from the ICO’s FOI Directorate share their experiences and involvement in raising awareness of our regulation of access to information legislation.
Blog: New toolkit launched to help organisations using AI to process personal data understand the associated risks and ways of complying with data protection law21/07/2021 09:20:00
Alister Pearson, the ICO’s Senior Policy Officer – Technology introduces a new beta version of our AI and Data Protection Risk Toolkit. He explains how it can assure organisations that use AI to process personal data that they are processing it in line with the law and how organisations can help the ICO shape a final version.
Blog: What’s next for the Accountability Framework?19/07/2021 09:10:00
Blog posted by: Anulka Clarke, 15 July 2021.
Blog: Reflecting on the past five years of fundraising and data protection regulation16/07/2021 14:43:00
Lord Toby Harris, Chair of the Fundraising Regulator & Elizabeth Denham CBE, the UK Information Commissioner, reflect on the past five years of fundraising and data protection regulation in the charity sector.
Statement on ICO investigation into Department of Health and Social Care CCTV footage16/07/2021 09:10:00
The ICO can confirm it is investigating an alleged data breach.
ICO fines transgender charity for data protection breach exposing sensitive personal data09/07/2021 09:25:00
The Information Commissioner’s Office (ICO) has fined transgender charity Mermaids £25,000 for failing to keep the personal data of its users secure.
ICO publishes annual tracking research07/07/2021 15:15:00
77% of people say protecting their personal information is essential, research commissioned by the ICO has found.