The Information Commissioner’s Office is to hire a chief technology adviser as part of work to build up its technology capacity, Elizabeth Denham has said.
Denham is bolstering the ICO’s tech capacity – Photo credit: DCMS
In her first speech as information commissioner, Denham – who took up the role in July – said that the ICO was a “tech-savvy” organisation, but that it wanted to do more.
Addressing a tech conference on the personal information economy, she said that she was creating a new position of chief technology adviser to help the organisation increase its tech capacity.
This would include doing more research and analysis, as well as “embedding technology into the future of the ICO”.
In addition, Denham said the tech team would also be expanded, and that the ICO was looking to work with universities and support research into privacy by design solutions.
Denham also said that she wanted to identify new policy priorities that promote a responsible approach to data protection, which she said should “ultimately leading to greater trust in businesses and in public bodies”.
She said that the “fundamental objective” of her five-year term as commissioner was to improve data confidence in the UK, and increase citizens’ trust of organisations’ use of personal data – a figure that currently stands at just one in four.
Industry – the sector the conference was aimed at – should be a key part of that, she said, saying the ICO wanted “to hold companies up as great examples of how privacy and technology can work for consumers”.
Acknowledging that this would bring challenges to technological innovations, she stressed that “it’s not privacy or innovation – it’s privacy and innovation”.
She said that it was up to companies to understand the risks they’re creating and mitigate them, as well as to invest in privacy fundamentals before the systems are built.
“The impetus is on you,” she said. “The exponential opportunities of data give you a position of power and with that comes great responsibility. If you want to innovate using personal information, you need to take that responsibility seriously.”
The commissioner also touched on the subject of regulation once the UK leaves the European Union.
“Make no mistake – Brexit makes the job I accepted earlier this year more challenges, but we’re well prepared,” she said.
Denham emphasised that the General Data Protection Regulation was likely to be live before the UK leaves the EU, and that no matter what the relationship between the UK and Europe, personal information would need to flow – and therefore be protected.
Despite repeatedly saying that it was for government to decide on the final law, she said that – although “regulators generally don’t lobby” – when the “conversation is about the future of data protection in the UK, the ICO is determined to be part of that conversation”.
Denham also indicated that the office would be pushing for strong data protection laws, saying that there needed to be “a degree of stability and clear regulatory messages” for data controllers and the public.
“The aim here is not a data protection regime that appeals because it is overly lax or ’flexible’,” Denham said. “The aim is a progressive regulatory regime that stands up to scrutiny that doesn’t leave the UK open to having rocks thrown at it by other regimes. And that has consistency and adequacy with the Europe.”