Digital Secretary Oliver Dowden has announced plans to overhaul the Information Commissioner’s Office (ICO) in a bid to drive innovation and growth in the UK’s data sector and protect the public from major data threats.
One year on from the publication of the National Data Strategy, the government has launched a consultation on proposed changes to the UK’s data landscape.
As part of this, a new structure is planned for the ICO, including an independent board and chief executive to mirror the governance structures of other regulators such as the Competition and Markets Authority (CMA), Financial Conduct Authority (FCA) and Ofcom.
This follows the selection of John Edwards as the government’s preferred candidate as the new Information Commissioner, who is currently serving as the New Zealand Privacy Commissioner.
In a statement the government said the reforms aim to cement the UK’s position “as a science superpower, simplifying data use by researchers and developers of AI and other cutting edge technologies.”
It wants to build on the use of data to tackle the Covid-19 pandemic and secure the UK’s status as a “hub for the free and responsible flow of personal data”.
“Data is one of the most important resources in the world and we want our laws to be based on common sense, not box-ticking,” said Dowden. “Now that we have left the EU, we have the freedom to create a new world-leading data regime that unleashes the power of data across the economy and society.
You might also like
“These reforms will keep people’s data safe and secure, while ushering in a new golden age of growth and innovation right across the UK, as we build back better from the pandemic.”
The government says the reforms will broaden the remit of the ICO and empower the Information Commissioner to champion sectors and businesses that are using personal data in “new, innovative and responsible ways” to benefit people’s lives in areas such as healthcare and financial services.
It says it also wants to remove “unnecessary barriers to responsible data use.” The government claims the reforms “will provide clarity around the rules for the use of personal data for research purposes, laying the groundwork for more scientific and medical breakthroughs.”
Protecting peoples’ data
The protection of people’s personal data will be at the heart of the planned data reform. The consultation sets out plans to impose tougher penalties and fines for nuisance calls and text messages. These sanctions would be overseen by the ICO and build on government action in recent years that has included holding individual directors liable for nuisance calls made by their respective companies.
The government will maintain the UK’s data protection standards and proposals will be built on key elements of the current UK data protection regime (UK GDPR and Data Protection Act 2018), such as principles around data processing, people’s data rights and mechanisms for supervision and enforcement.
However, the government notes that the current regime places disproportionate burdens on many organisations. “For example, a small hairdressing business should not have the same data protection processes as a multimillion pound tech firm. Our reforms would move away from the ‘one-size-fits-all’ approach and allow organisations to demonstrate compliance in ways more appropriate to their circumstances, while still protecting citizens’ personal data to a high standard.”
The statement adds that reforms can help ensure that organisations better understand and mitigate the risk of bias in their algorithmic systems. “These aim to help organisations identify what is driving bias, so that they can take steps to make sure their services are not inadvertently biased or replicating societal and historic discrimination or drawing inferences that could be deemed unfair (for example, insurers predicting someone’s fitness levels from their purchasing habits),” it said.