UK data watchdog calls for tougher investigatory powers under GDPR

ICO chief warns current audit powers are being "outpaced" by advances in data analytics

The UK's Information Commissioner has called for stronger powers to be introduced to make it easier for regulators to investigate data breaches within the confines of new European data protection laws.

ICO chief Elizabeth Denham warned that the powers to audit companies suspected of mishandling data under GDPR law is "being outpaced by technological advances in data analytics".

Advertisement - Article continues below

She added that the recent Cambridge Analytica scandal demonstrated the need for a more "streamlined" approach to investigations, and powers that allow the ICO to act far sooner than it has been able to.

Under GDPR, Denham said she will be able to "look behind the curtain" and see who has our personal data and how they're using it. However, the ICO needs to be able to act on this information.

Speaking at the IAPP Europe Data Protection Intensive 2018, Denham said the ICO was working with the government to negotiate the introduction of such powers, and that it would also be making changes internally to help improve the regulator's effectiveness.

In March, the ICO's Demand for Access to the London Cambridge Analytica headquarters was delayed by three days because the court adjourned the hearing. Allegedly, this was because Cambridge Analytica's legal counsel was not available, however, during the adjournment, boxes were seen being removed from the headquarters in the days prior to the ICO's seven-hour search.

Advertisement
Advertisement - Article continues below
Advertisement - Article continues below

Denham made it clear that though the ICO wants to respect companies' rights, it needs a warrant process with a "lower threshold".

"We need the regime to reflect the reality that data crimes are real crimes," Denham said. "As society moves increasingly online, data protection law needs to have the comprehensive reach people would expect of laws in the physical world."

In order to achieve this comprehensive reach, the ICO expects to recruit around 200 more employees by 2020, and has set up a telephone base so that callers can easily report breaches to real people. Parliament has also agreed to an increased budget from 28 million to 35 million for 2018/19.

"My aim is to prevent harm, and to place support and compliance at the heart of our regulatory action," Denham said. "Voluntary compliance is the preferred route."

The ICO will enforce GDPR with heavy fines and audits, however, if companies "persistently, deliberately or negligently" refuse to comply.

Read Elizabeth Denham's full speech here.

Image: Shutterstock

Featured Resources

Top 5 challenges of migrating applications to the cloud

Explore how VMware Cloud on AWS helps to address common cloud migration challenges

Download now

3 reasons why now is the time to rethink your network

Changing requirements call for new solutions

Download now

All-flash buyer’s guide

Tips for evaluating Solid-State Arrays

Download now

Enabling enterprise machine and deep learning with intelligent storage

The power of AI can only be realised through efficient and performant delivery of data

Download now
Advertisement

Most Popular

Visit/infrastructure/server-storage/355118/hpe-warns-of-critical-bug-that-destroys-ssds-after-40000-hours
Server & storage

HPE warns of 'critical' bug that destroys SSDs after 40,000 hours

26 Mar 2020
Visit/software/355113/companies-offering-free-software-to-fight-covid-19
Software

These are the companies offering free software during the coronavirus crisis

25 Mar 2020
Visit/software/video-conferencing/355138/zoom-beaming-ios-user-data-to-facebook-for-targeted-ads
video conferencing

Zoom beams iOS user data to Facebook for targeted ads

27 Mar 2020
Visit/cloud/355098/ibm-dedicates-supercomputing-power-to-coronavirus-researchers
high-performance computing (HPC)

IBM dedicates supercomputing power to coronavirus research

24 Mar 2020