ICO’s Denham: GDPR extremely likely to apply before the UK leaves the EU
In a speech delivered on Thursday, 29 September in London, the United Kingdom’s new Information Commissioner, Elizabeth Denham, stated that UK businesses with international clients and partners would be wise to carry on with their GDPR preparations. She said that ‘it is extremely likely that the GDPR will be live before the UK leaves the European Union.’
Giving individuals better control over their data, enabled by the GDPR, is very much in the direction where the ICO wants to go anyway. But it is up to the government to come up with a proposal for the new UK DP regime. She is meeting with Data Protection Minister, Matt Hancock MP, to discuss the issues.
“We are helping you to get ready for the new law – and we will continue to provide advice and guidance around GDPR, whether you’re a business with 400 customers or 40 million.”
“What about the known unknown territory? That’s those of you who only operate in the UK. We know it’s up to government what happens here, both in that middle period from May 2018 to whenever the UK formally leaves the EU, and beyond,” Denham said.
For all organisations, “It’s not privacy or innovation – it’s privacy and innovation. The personal information economy can be a win win situation for everyone. Get it right, and consumers and business benefits,” she said.
It seems like the ICO’s enforcement strategy is not about to change. Denham said that ideally they would not resort to issuing fines but ‘we will use the stick in the cupboard when necessary’.
“We are identifying new policy priorities which promote a responsible approach – ultimately leading to greater trust in businesses and in public bodies”, Denham said.
“The ICO is a tech-savvy organisation, but we want to do more. We are building on our own capacity for technology by analysing more, researching more, and embedding technology into the future of the ICO. We are also seeking partnerships with universities and we aim to support research into privacy by design solutions.”
The ICO will also create a new position of chief technology advisor, and extending the technology team.
The full speech is at https://ico.org.uk/about-the-ico/news-and-events/news-and-blogs/2016/09/transparency-trust-and-progressive-data-protection/
PL&B has organised a series of Help! Roundtables in November, January and March for data protection managers to exchange experience on planning their GDPR programmes. Significantly, they are being hosted by three companies, BT, BP and Google, who will also share their experience. See www.privacylaws.com/Events/Other/Help/