GDPR compliance: UK’s information watchdog seeks to share ideas as deadline looms
Watchdog looks for international input on new regulatory landscape
The Information Commissioner’s Office is bringing together regulators from around the world this week to discuss the looming implementation of the EU's new General Data Protection Regulation (GDPR).
GDPR aims to give European Union citizens more control over the way their personal data is used, replacing legislation that was drafted before the widespread adoption of the internet.
It will come into force in all EU member states from May 25 next year, and is set to apply automatically in the UK regardless of the country’s ongoing talks on leaving the European Union.
- GDPR deadline: One third of public sector decision makers not confident they’ll be ready
- ICO: Councils need to sharpen up on data protection ahead of GDPR
- Public authorities ‘will find using consent difficult’, says ICO GDPR guidance
Despite the impending deadline for GDPR, however, a recent survey suggested that there remains widespread confusion among public sector leaders about shifting their organisations towards compliance.
Just one in ten of those surveyed by the Cloud Industry Forum said that they were completely confident that they understood what GDPR meant for their organisation.
On Tuesday and Wednesday of this week, the ICO - which upholds information rights in the UK - is hosting a workshop in Manchester, with 60 delegates from 28 different regulators from around the world coming together to discuss GDPR and its impact in their area.
“Topics will include new rights for individuals, mandatory data breach notifications, handling of complaints and co-operation mechanisms,” the ICO said.
According to the ICO, GDPR compliance will be a key focus of the two-day European Case Handling Workshop, alongside “discussions about how data protection authorities can develop effective and collaborative solutions to threats and data protection concerns”.
“Data, and the challenges involved in protecting it, don’t necessarily respect international boundaries" - Information Commissioner Elizabeth Denham
Information Commissioner Elizabeth Denham - who is putting the finishing touches on the ICO’s upcoming International Strategy - emphasised the need for data regulators around the world to share ideas.
“Data, and the challenges involved in protecting it, don’t necessarily respect international boundaries so it is important that the ICO is a respected and relevant regulator with global reach and influence,” she said.
“The events we are hosting this week demonstrate the ICO’s commitment to looking at the bigger picture and sharing knowledge, ideas and best practice with colleagues in Europe and further afield.”
Wednesday will also see the ICO host the first Global Privacy Enforcement Network (GPEN) practitioners' workshop. GPEN is an informal international network of data protection authorities, and the session will cover ways the bodies can do more to work together on protecting data and upholding privacy.
Denham recently announced that she was beefing up her top team at the ICO ahead of the GDPR changes by appointing two new deputy commissioners.
James Dipple-Johnstone is joining the ICO as its deputy commissioner for operations, after stints at the Solicitors Regulation Authority, the Independent Police Complaints Commission and the Office of the Parliamentary and Health Service Ombudsman.
Meanwhile, the ICOs former head of international strategy, Steve Wood, will be Denham’s right hand man on policy.
Confirming the appointments, Denham stressed the impact GDPR will have on the regulatory situation.
“I am delighted to have these two highly capable individuals join the ICO's senior team at this important time,” she said.
“The information rights landscape is going through a time of transformation, being reshaped by both the digital economy and the arrival of a game changing piece of data protection legislation, the GDPR.
"I am confident that both Steve and James will prove to be great assets to my senior leadership team as we navigate these changes.”
While GDPR is right to provide individuals with greater control over how their information is used, the benefits of sharing data should not be overlooked, believes Rose Lasko-Skinner of Reform
Auditor general Amyas Morse flags up three key issues that government must focus on to improve its work with private-sector suppliers
Council hopes pilot will show potential for enabling more efficient routes and timetables
Commissioner’s progress report includes revelations about UKIP’s non-compliance and a six-figure penalty for a pregnancy website that supplied data for Labour Party marketing
Calm has turned a section of the 57,509-word EU document into a sleep-inducing audio book
The cautionary tale of the Leicestershire teenager who hacked high-ranking officials of NATO allies shows the need for improved password security