International progress for domestic benefit: why the ICO convened a G7 meeting on data flows

20 Sep 2021 04:08 PM

A blog by Elizabeth Denham, UK Information Commissioner

The free flow of data between countries is crucial for UK businesses. It enables international trade, opens up backroom efficiencies like cloud services, and accelerates data-driven innovation.

That importance is recognised in ‘data free flows with trust’ being a focus at recent G20 and G7 meetings.

As a regulator, my office plays an important role in the trust aspect of that ambition. We oversee the checks and balances that reassure people their data is protected, and that new data-driven products and business models can be trusted.

It is important we take an international view on this work. Firstly, in our borderless digital world, the protections we offer people here in the UK rely on international cooperation – the data people share through phone apps or online can travel round the world in moments. Secondly, businesses benefit from the more consistent approach to international regulation of common issues that cooperation brings. And finally, some of the challenges my office faces are too large to overcome alone.

It was with this focus on international collaboration for practical benefit that I convened a meeting of my G7 counterparts earlier this month, organised as part of the digital and technology track that forms part of the UK’s presidency of G7 this year. We wanted to consider how we could better work together to enable data free flow with people’s trust.

Over the course of two days, we discussed seven topics, covering specific uses of data, like AI and cookies; how privacy overlaps with competition and national security; and regulatory aspects like enforcement, deterrents and the impact of the pandemic.

Throughout, our focus was on where we could commit to making progress that would have a positive impact domestically, both on the organisations we regulate, and the people whose rights we protect.

Our work around cookies is a good example. As I said ahead of the meeting, people’s privacy needs to be meaningfully protected. Where people grow tired of having to engage with so many cookie pop-ups, there is a risk they then give more personal data that they would like. And the system is far from ideal for organisations running websites too. But with nearly two billion websites around the world, no single country can tackle this issue alone.

At our meeting, the G7 data protection and privacy authorities committed to working together with tech firms, standards bodies, designers, civil society and of course users, to find better ways to secure informed and meaningful consent online. Our initial planning on this work is underway, and will lead to us examining the role of web browsers, software applications and device settings in enabling people to set and update their privacy preferences.

Cookies are just one example of where progress was made, and further details on all of the agreed outcomes, as well as a summary of the topics discussed, can be found in the communique.

This is timely and important work. The government today reiterated its vision of data flows, supported by high standards for personal data protection, as a key enabler of international trade. My office’s work supports that vision, from working with G7 colleagues, to chairing the Global Privacy Assembly, to providing advice and support to the Department for International Trade.