Information Commissioner's Office
Rights for the Future: ICO plan 2016-2019
The ICO has launched its Corporate Plan for 2016-19, setting out a three year rolling plan on how we intend to achieve our objectives.
Here is Information Commissioner Christopher Graham’s introduction to the plan.
The power of digital gives the consumer greater choice, but, at the same time, it also provides businesses with unprecedented amounts of personal information and detailed insights into how we live our lives. We entrust our data to commercial operations, often without even realising what we have done or the implications of having done it.
Companies are not always as good as they should be about respecting that information, which all too often is seen as a business asset of increasing value. And it’s not just commercial operators. Public authorities – government departments and agencies, local councils, the NHS – hold our personal information digitally and, increasingly, need to share it in order to deliver efficient, modern public services. But they do not always keep this data as securely as they should – or respect the limitations on its use set out in legislation. And there are fine judgements to be made about when the state should have access to personal information to combat crime or terrorism – the balance between respect for personal privacy and securing the safety and welfare of the community at large.
Similarly, digital communications give the citizen greater power to require public authorities to be more accountable. They also enable the authorities to publish more data about their operations and to be more transparent than was possible in an earlier age. Yet there remains a reluctance to publish information that may be embarrassing to organisations or individuals.
So, there is important work for the ICO to do, as the UK’s referee of the operation of both the Data Protection Act and the Freedom of Information Act and their associated regulations.
But the legislation under which we operate is not fixed and immutable. The Freedom of Information Act has been undergoing review by Lord Burns’s commission and the long-running review of the EU’s data protection framework is almost complete. After four years of deliberation we now have the outlines of a new General Data Protection Regulation, together with an associated Directive on police and justice that will require full implementation from mid-2018.
It is the proposed changes to data protection laws that will have the most profound impact and the ICO is gearing up to lead the transition to the new framework – so that citizen and consumer rights can be secured more effectively in the future.
The new data protection framework includes much that is familiar, but it also makes significant changes. If the ICO is to deliver its mission over the next three years and beyond, as well as enforcing the law as it currently stands, in the face of all the challenges technological developments present, we will also have to be fully prepared for the future regulatory environment – and help UK businesses and organisations similarly to adapt.
So, as we continue to apply the existing UK laws and discharge all our other responsibilities, the ICO will be embarking on a significant change programme. This process will be led by a dedicated change team, and will involve staff from all parts of the ICO. Our aim will be to make the transition as seamless as possible for all concerned. Our delivery objectives remain as relevant as ever and we will work hard to make sure that organisations understand both what their obligations are now and what they will be from 2018 – and that consumers and citizens are aware of their developing information rights. You will see that what the ICO needs to do to prepare for the new EU framework is a theme that runs through the entire corporate plan.
My second term as Information Commissioner ends on 28 June 2016 and, after seven exhilarating years at the ICO, I will pass the torch to my successor. No doubt a new Commissioner will have new ideas; but the plan set out over the following pages is designed to ensure that the ICO handles the change in leadership without needing to break step. The broader based, more collective, approach to leadership we put in place last autumn means that the Senior Management Team can continue to deliver an agile response to all the demands of the fast-moving environment in which the ICO finds itself – right and ready for the future, whatever challenges it holds; always able to respond quickly and flexibly to the imperatives of upholding information rights effectively.
Latest News from
Information Commissioner's Office
ICO fines national takeaway pizza company for unlawfully sending marketing messages to its customers16/06/2021 13:05:00
The Information Commissioner’s Office (ICO) has fined Papa John’s (GB) Limited £10,000 for sending 168,022 nuisance marketing messages to its customers without the valid consent required by law.
ICO fines three companies £415,000 for nuisance marketing10/06/2021 12:25:00
The Information Commissioner’s Office (ICO) has fined three separate companies a total of £415,000 for sending nuisance marketing to people about car finance, solar panels and funeral plans.
Elizabeth Denham welcomes a delay to the launch of the GPDPR10/06/2021 10:38:00
Elizabeth Denham recently (08 June 2021) welcomed a delay to the launch of the GPDPR.
Statement in response to concerns around the GP Data for Planning and Research programme08/06/2021 16:15:00
Statement in response to concerns around the GP Data for Planning and Research programme.
Conservative Party fined £10,000 for sending unlawful emails03/06/2021 12:05:00
The Information Commissioner’s Office (ICO) has fined the Conservative Party £10,000 for sending 51 marketing emails to people who did not want to receive them.
Blog: How the digital design community can help shape the ICO’s work on the Children’s Code28/05/2021 12:25:00
A blog by Georgina Bourke, Principal Technology Adviser specialising in UX Design.
Blog: Spotlight on the Children’s Code standards – data protection impact assessments28/05/2021 09:10:00
A blog by Michael Murray, ICO’s Head of Regulatory Strategy.
Amex fined for sending four million unlawful emails21/05/2021 12:25:00
The Information Commissioner’s Office (ICO) has fined American Express Services Europe Limited (Amex) £90,000 for sending more than four million marketing emails to customers who did not want to receive them.
ICO and CMA set out blueprint for cooperation in digital markets19/05/2021 14:20:00
The Information Commissioner’s Office (ICO) and the Competition and Markets Authority (CMA) have published a joint statement, setting out their shared views on the relationship between competition and data protection in the digital economy.