UK data watchdog calls for tougher investigatory powers under GDPR

ICO chief warns current audit powers are being "outpaced" by advances in data analytics

The UK's Information Commissioner has called for stronger powers to be introduced to make it easier for regulators to investigate data breaches within the confines of new European data protection laws.

ICO chief Elizabeth Denham warned that the powers to audit companies suspected of mishandling data under GDPR law is "being outpaced by technological advances in data analytics".

She added that the recent Cambridge Analytica scandal demonstrated the need for a more "streamlined" approach to investigations, and powers that allow the ICO to act far sooner than it has been able to.

Under GDPR, Denham said she will be able to "look behind the curtain" and see who has our personal data and how they're using it. However, the ICO needs to be able to act on this information.

Speaking at the IAPP Europe Data Protection Intensive 2018, Denham said the ICO was working with the government to negotiate the introduction of such powers, and that it would also be making changes internally to help improve the regulator's effectiveness.

In March, the ICO's Demand for Access to the London Cambridge Analytica headquarters was delayed by three days because the court adjourned the hearing. Allegedly, this was because Cambridge Analytica's legal counsel was not available, however, during the adjournment, boxes were seen being removed from the headquarters in the days prior to the ICO's seven-hour search.

Denham made it clear that though the ICO wants to respect companies' rights, it needs a warrant process with a "lower threshold".

"We need the regime to reflect the reality that data crimes are real crimes," Denham said. "As society moves increasingly online, data protection law needs to have the comprehensive reach people would expect of laws in the physical world."

In order to achieve this comprehensive reach, the ICO expects to recruit around 200 more employees by 2020, and has set up a telephone base so that callers can easily report breaches to real people. Parliament has also agreed to an increased budget from 28 million to 35 million for 2018/19.

"My aim is to prevent harm, and to place support and compliance at the heart of our regulatory action," Denham said. "Voluntary compliance is the preferred route."

The ICO will enforce GDPR with heavy fines and audits, however, if companies "persistently, deliberately or negligently" refuse to comply.

Read Elizabeth Denham's full speech here.

Image: Shutterstock

Featured Resources

Unleashing the power of AI initiatives with the right infrastructure

What key infrastructure requirements are needed to implement AI effectively?

Download now

Achieve today. Plan tomorrow. Making the hybrid multi-cloud journey

A Veritas webinar on implementing a hybrid multi-cloud strategy

Download now

A buyer’s guide for cloud-based phone solutions

Finding the right phone system for your modern business

Download now

The workers' experience report

How technology can spark motivation, enhance productivity and strengthen security

Download now

Most Popular

How to move Windows 10 from your old hard drive to SSD
operating systems

How to move Windows 10 from your old hard drive to SSD

21 Jan 2021
Hackers are actively exploiting three Apple iOS flaws
exploits

Hackers are actively exploiting three Apple iOS flaws

27 Jan 2021
16 ways to speed up your laptop
Laptops

16 ways to speed up your laptop

26 Jan 2021