Information Commissioner's Office
Children’s privacy and data sharing in focus as ICO regulatory sandbox re-opens
The ICO is re-opening the regulatory sandbox, its free service, designed to support organisations using personal data to develop innovative products and services.
The regulator is accepting applications from all types of organisations from start-ups, SMEs and large organisations, across private, public and voluntary sectors.
This year the projects submitted should focus on one of two themes, children’s privacy or data sharing. The projects should be at the cutting edge of innovation and may be operating in particularly challenging areas of data protection, where there is genuine uncertainty about what compliance looks like.
The ICO is particularly interested in hearing from innovators concentrating on the issues posed by the implementation of our Age Appropriate Design Code or those developing products and services that support complex data sharing in the public interest. More information can be found here.
The regulatory sandbox enables organisations to work through how they use personal data in their projects with the ICO’s specialist staff to help ensure they comply with data protection rules. It also provides organisations with reassurance from enforcement action, where feasible, and increased public trust that innovative products and services are not in breach of data protection legislation.
Ian Hulme, Director of Regulatory Assurance yesterday said:
“We are looking for viable projects from all sizes of organisations that have the potential to be transformative, and which will bring real public benefit.
“Protecting children’s privacy online is a high priority for the ICO. Ultimately the regulatory sandbox aims to support innovators to improve confidence amongst children, young people and their parents and carers that their personal information is being properly protected when they are online.
“On data sharing our aim is to promote and enable confident, responsible and lawful data sharing in the wider public interest. In particular, the regulatory sandbox aims to help demonstrate that data protection legislation is not a barrier to proportionate sharing of personal data.”
Organisations are being invited to make an initial expression of interest. The recruitment process has been improved so organisations can register their interest and the ICO will support with the full application. Further details can be found here.
The regulatory sandbox has limited capacity and expressions of interest will be considered on a first come first served basis. There are currently only around five spaces available and once filled, other successful applicants may be placed on a waiting list.
The ICO introduced the beta service last year and ten organisations have so far had the opportunity to engage with the ICO; draw upon its expertise and advice on mitigating risks and ‘data protection by design’, whilst ensuring that appropriate protections and safeguards are in place. The ICO also recently blogged about and published two outcome reports with others set to follow.
If you have any queries contact email@example.com.
Notes to Editors
- The Information Commissioner’s Office upholds information rights in the public interest, promoting openness by public bodies and data privacy for individuals.
- The ICO has specific responsibilities set out in the Data Protection Act 2018, the General Data Protection Regulation (GDPR), the Freedom of Information Act 2000, Environmental Information Regulations 2004 and Privacy and Electronic Communications Regulations 2003.
- The ICO can take action to change the behaviour of organisations and individuals that collect, use and keep personal information. This includes criminal prosecution, non-criminal enforcement and audit.
- The establishment of a regulatory sandbox was a goal outlined in the ICO’s Technology Strategy 2018-21.
- To report a concern to the ICO telephone our helpline 0303 123 1113 or go to ico.org.uk/concerns.
Latest News from
Information Commissioner's Office
Blog: Simplifying subject access requests – new detailed SARs guidance22/10/2020 12:25:00
The right of access is a fundamental right under data protection law. And it has never been more necessary. In a world where personal data is used almost everywhere – by everyone – it’s vital that people have the right to be able to find out what’s happening to their information.
ICO fines British Airways £20m for data breach affecting more than 400,000 customers19/10/2020 12:25:00
The Information Commissioner’s Office (ICO) has fined British Airways (BA) £20m for failing to protect the personal and financial details of more than 400,000 of its customers.
Blog: Engagement key in protecting people’s privacy across the UK during the pandemic14/10/2020 12:25:00
Information Commissioner Elizabeth Denham highlights the positive results of the ICO’s engagement with the UK devolved administrations on the use of data in the fight against COVID-19.
ICO takes action against company for sending spam emails selling face masks during pandemic09/10/2020 12:25:00
A company that sent spam emails selling face masks during the pandemic has been fined £40,000 by the ICO and issued with an enforcement notice.
Statement on the outcome of the ICO’s compulsory audit of the Department for Education08/10/2020 09:10:00
The Information Commissioner’s Office (ICO) has published the outcome of a compulsory audit of the Department for Education DFE carried out in February 2020.
Blog: Elizabeth Denham on the conclusion of the ICO’s investigation into the use of personal data in political campaigning07/10/2020 09:10:00
There can be few cases that better illustrate how mainstream data protection has become than the ICO’s investigation into the use of personal data in political campaigning, including by the now defunct Cambridge Analytica.
ICO launches consultation on draft Statutory guidance02/10/2020 12:25:00
The Information Commissioner's Office (ICO) has launched a public consultation on its draft Statutory guidance, which details how it will regulate and enforce data protection legislation in the UK.
ICO fines company flouting the law in order to profiteer from the coronavirus pandemic25/09/2020 12:25:00
The Information Commissioner’s Office (ICO) has fined Digital Growth Experts Limited (DGEL) £60,000 for sending thousands of nuisance marketing texts at the height of the pandemic.