Information Commissioner's Office
Blog: Regulating through a pandemic and beyond
A blog by James Dipple-Johnston, Deputy Commissioner - Chief Regulatory Officer
When the ICO’s management team met at the start of the pandemic, to discuss how COVID-19 could impact the ICO’s work, our top priority was providing clarity to those we regulate.
We knew that, in uncertain times, organisations needed us to be clear about how we would regulate, and what they could expect to see us do differently.
That is why we published a document setting out our regulatory approach during the pandemic. We wanted to clearly explain what our commitment to being a pragmatic and empathetic regulator would look like in practice, while reiterating the important role that people’s information right would continue to have.
We have kept that document updated throughout the pandemic, outlining where our regulatory approach has adjusted and developed.
As we anticipated at the beginning of the pandemic, some organisations we regulate have faced significant difficulties supporting people’s information rights. NHS organisations, police and local and central government have all faced particular challenges, especially in responding to subject access and freedom of information requests.
Those challenges have not gone away. But this year we have seen more and more organisations adjusting to the circumstances, and returning to offering the transparency – both around data protection and freedom of information – that is so important to developing and maintaining public trust.
This has been our own experience at the ICO too. We have not been immune to the challenges of the pandemic, with staff availability, recruitment and a reduction in physical access to documents all affecting our work at various times. We know too those challenges have not gone away, but our recovery plan has had a positive impact in removing and reducing backlogs.
We want to support all organisations to fully meet the expectations people have around their information rights. Our website provides a wealth of resources to help organisations, while our helpline and live chat services continue to offer help and advice.
We have today published an updated version of our regulatory approach document. It states our commitment to continue taking into account the challenges organisations we regulate face, but also makes clear the value of information rights. We expect organisations should be able to deal with complaints they receive from members of the public, for instance, and we expect organisations to have robust recovery plans in place to reduce any backlogs.
We will continue to update on our regulatory approach, to provide clarity to organisations both during the pandemic and beyond. This will include updating our Regulatory Action Policy, which we will consult on later this year.
Data protection has played a central role in the UK’s response to the pandemic, but the effectiveness of data-driven innovation relies in part on public trust. Likewise, people’s trust in decisions made by government and public authorities relies on transparency. A respect for people’s information rights is central to both, and the ICO will continue to work to protect and support those rights.
Latest News from
Information Commissioner's Office
Statement in response to use of ICO corporate charge card27/09/2021 16:43:00
Statement given in response to use of ICO corporate charge card.
International progress for domestic benefit: why the ICO convened a G7 meeting on data flows20/09/2021 16:15:00
A blog by Elizabeth Denham, UK Information Commissioner
We Buy Any Car, Sports Direct and Saga fined £495,000 after sending millions of ‘frustrating and intrusive’ nuisance messages.15/09/2021 13:20:00
The ICO has today announced fines totalling £495,000 to well-known companies that between them sent more than 354 million nuisance messages.
Blog: Sharing personal data in an emergency – a guide for universities and colleges15/09/2021 09:15:00
A blog by Viv Adams, Principal Policy Adviser in the ICO Parliament and Government Affairs team
G7 data protection and privacy authorities’ meeting: communiqué13/09/2021 09:10:00
The UK Information Commissioner’s Office (ICO) brought together data protection and privacy authorities from G7 countries, as well as guests from the Organisation for Economic Cooperation and Development (OECD) and the World Economic Forum (WEF), for a discussion this week on shared emerging challenges that need closer international collaboration.
Statement in response to DCMS consultation into proposed data protection reform10/09/2021 14:10:00
Statement given yesterday in response to DCMS consultation into proposed data protection reform.
ICO to call on G7 countries to tackle cookie pop-ups challenge07/09/2021 14:10:00
The UK Information Commissioner’s Office (ICO) will today call on fellow G7 data protection and privacy authorities to work together to overhaul cookie consent pop-ups, so people’s privacy is more meaningfully protected and businesses can provide a better web browsing experience.
ICO fines Glasgow company for making half a million nuisance calls05/09/2021 09:10:00
The Information Commissioner’s Office (ICO) has fined Glasgow-based company DialADeal Scotland Ltd (DDSL) for making more than half a million nuisance marketing calls.