ICO unveils new tech strategy to tackle digital hurdles

The three-year plan sees the appointment of a new executive director for technology policy and innovation

Graphic depicting the transfer of data across the globe

The Information Commissioner's Office (ICO) has published its first strategy paper outlining how it will adapt its regulatory approach in light of new challenges presented by rapidly changing technology.

Among the key goals outlined in the paper, drafted to enhance the regulator's overall technical expertise and understanding, the ICO will educate staff on technological issues, and ensure businesses and the wider public are kept informed on new data protection risks.

Advertisement - Article continues below

The ICO also established, in its plans, three priority areas for 2018/19, including cyber security, AI, and web and cross device tracking. The data regulator will develop an action plan for each area which it plans to review and update annually.

The new three-year strategy is part of the ICO's wider efforts to strengthen its commitment to technology and innovation, which includes the appointment of Simon McDougall as the first executive director for technology policy and innovation.

McDougall, the former managing director of IBM-owned consultancy firm Promontory, is a "well-known international figure in the world of information rights," according to the ICO, and has also served on the board of a number of international bodies committed to upholding citizens' data and information rights.

"I am honoured to have the opportunity to join the ICO and lead their work in this critical area," McDougall said. "Technological change continues to accelerate, and it is vital that the ICO remains constructively and robustly engaged as organisations innovate in the use of personal data."

Advertisement
Advertisement - Article continues below
Advertisement - Article continues below

Also among the ICO's plans is the launch of a 'regulatory sandbox' in which organisations can develop innovative tools and services with assistance and guidance from the ICO. The regulator plans to consult on the implementation of this scheme later in 2018.

"Technology is driving changes to the societal, political, legal and business environment that the Information Commissioner's Office (ICO) needs to regulate," Information Commissioner Elizabeth Denham wrote in the foreword of the new strategy.

"The most significant data protection risks to individuals are now driven by the use of new technologies. The risks are broad - from cyber-attacks to the growth of artificial intelligence and machine learning."

"The GDPR contains new provisions to better regulate the risks arising from technology, including data protection by design and data protection impact assessments.

"These advances need not come at the expense of data protection and privacy rights - the ICO's approach to technology will be underpinned by the concept that privacy and innovation are not mutually exclusive."

Advertisement - Article continues below

The ICO has faced numerous challenges in the last few months in light of a massive data misuse scandal involving Facebook and the now-defunct Cambridge Analytica, which perhaps gave the regulator a taste of the issues it could expect to face in an increasingly-digitised landscape.

Its investigations into the misuse of personal data in political campaigns, which spans a vast number of organisations, led to Facebook last month being fined 500,000 - the maximum under the Data Protection Act 1998. The full results of the ICO's investigation are expected to be published by the end of the year.

Advertisement

Recommended

Visit/policy-legislation/data-protection/355250/health-sites-sharing-users-medical-data-with-major-tech
data protection

Health sites are 'unlawfully' sharing medical data with Facebook and Google

7 Apr 2020
Visit/policy-legislation/data-protection/355184/supreme-court-finds-morrisons-was-not-liable-for-2014
data protection

Supreme Court rules Morrisons was not liable for 2014 data breach

1 Apr 2020
Visit/security/privacy/355048/government-may-trace-covid-19-patients-using-mobile-phone-data
privacy

UK government may trace COVID-19 patients using mobile phone data

20 Mar 2020
Visit/policy-legislation/general-data-protection-regulation-gdpr/354842/irish-data-regulator-racks-up
General Data Protection Regulation (GDPR)

Irish data regulator racks up GDPR cases against Big Tech

24 Feb 2020

Most Popular

Visit/mobile/mobile-phones/355239/microsofts-patent-design-reveals-a-mobile-device-with-a-third-screen
Mobile Phones

Microsoft patents a mobile device with a third screen

6 Apr 2020
Visit/development/application-programming-interface-api/355192/apple-buys-dark-sky-weather-app-and-leaves
application programming interface (API)

Apple buys Dark Sky weather app and leaves Android users in the cold

1 Apr 2020
Visit/software/video-conferencing/355229/zoom-we-moved-too-fast
video conferencing

Zoom CEO admits company "moved too fast" as privacy issues mount

6 Apr 2020