Information Commissioner's Office
Blog: Regulating through a pandemic and beyond
A blog by James Dipple-Johnston, Deputy Commissioner - Chief Regulatory Officer
When the ICO’s management team met at the start of the pandemic, to discuss how COVID-19 could impact the ICO’s work, our top priority was providing clarity to those we regulate.
We knew that, in uncertain times, organisations needed us to be clear about how we would regulate, and what they could expect to see us do differently.
That is why we published a document setting out our regulatory approach during the pandemic. We wanted to clearly explain what our commitment to being a pragmatic and empathetic regulator would look like in practice, while reiterating the important role that people’s information right would continue to have.
We have kept that document updated throughout the pandemic, outlining where our regulatory approach has adjusted and developed.
As we anticipated at the beginning of the pandemic, some organisations we regulate have faced significant difficulties supporting people’s information rights. NHS organisations, police and local and central government have all faced particular challenges, especially in responding to subject access and freedom of information requests.
Those challenges have not gone away. But this year we have seen more and more organisations adjusting to the circumstances, and returning to offering the transparency – both around data protection and freedom of information – that is so important to developing and maintaining public trust.
This has been our own experience at the ICO too. We have not been immune to the challenges of the pandemic, with staff availability, recruitment and a reduction in physical access to documents all affecting our work at various times. We know too those challenges have not gone away, but our recovery plan has had a positive impact in removing and reducing backlogs.
We want to support all organisations to fully meet the expectations people have around their information rights. Our website provides a wealth of resources to help organisations, while our helpline and live chat services continue to offer help and advice.
We have today published an updated version of our regulatory approach document. It states our commitment to continue taking into account the challenges organisations we regulate face, but also makes clear the value of information rights. We expect organisations should be able to deal with complaints they receive from members of the public, for instance, and we expect organisations to have robust recovery plans in place to reduce any backlogs.
We will continue to update on our regulatory approach, to provide clarity to organisations both during the pandemic and beyond. This will include updating our Regulatory Action Policy, which we will consult on later this year.
Data protection has played a central role in the UK’s response to the pandemic, but the effectiveness of data-driven innovation relies in part on public trust. Likewise, people’s trust in decisions made by government and public authorities relies on transparency. A respect for people’s information rights is central to both, and the ICO will continue to work to protect and support those rights.
Latest News from
Information Commissioner's Office
ICO and Ofcom strengthen partnership on online safety and data protection25/11/2022 15:20:00
The Information Commissioner’s Office (ICO) and Ofcom have today set out how we will work together to ensure coherence between the data protection and the new online safety regimes.
International transfers: empowering innovation and growth whilst protecting people’s personal information18/11/2022 12:25:00
Blog posted by: Emma Bate, 17 November 2022.
ICO launches consultation on how it prioritises FOI complaints09/11/2022 10:20:00
The Information Commissioner’s Office (ICO) has launched a consultation on how it prioritises the complaints it receives about public bodies’ handling of Freedom of Information (FOI) requests.
Department for Education warned after gambling companies benefit from learning records database08/11/2022 12:25:00
The Information Commissioner’s Office (ICO) has issued a reprimand to the Department for Education (DfE) following the prolonged misuse of the personal information of up to 28 million children.
ICO and Cabinet Office reach agreement on New Year Honours data breach fine03/11/2022 15:05:00
The UK Information Commissioner has agreed to reduce the £500,000 Monetary Penalty Notice (MPN) imposed on the Cabinet Office in 2021 in relation to the New Year Honours data breach to £50,000, which the Cabinet Office has agreed to pay, reflecting our new approach to working more effectively with public authorities.
Making our employment guidance work for you28/10/2022 09:05:00
A blog by Elanor McCombe, Group Manager - Policy
‘Immature biometric technologies could be discriminating against people’ says ICO in warning to organisations26/10/2022 09:10:00
The Information Commissioner’s Office (ICO) is warning organisations to assess the public risks of using emotion analysis technologies, before implementing these systems.
‘Biggest cyber risk is complacency, not hackers’ - UK Information Commissioner issues warning as construction company fined £4.4 million24/10/2022 12:25:00
The UK Information Commissioner has warned that companies are leaving themselves open to cyber attack by ignoring crucial measures like updating software and training staff.