ICO consults on increased powers under data protection reform
The Information Commissioner’s Office (ICO) has launched a consultation to gather the views of stakeholders and the public on the way it plans to regulate new data protection laws.
People will have eight weeks to comment on the ICO’s draft Regulatory Action Policy, which gives direction and focus to the organisations it regulates.
The Policy has been updated to include enhanced powers set out in the Data Protection Bill currently going through Parliament. Proposed new powers include no-notice inspections, compelling people and organisations to hand over information and making it a criminal offence to destroy, falsify or conceal evidence.
The Policy also covers all 11 pieces of legislation that the ICO is responsible for, including the Freedom of Information Act and the Privacy and Electronic Communications Regulations, which cover nuisance calls, texts and emails.
It reinforces the ICO’s commitment to a proportionate and risk-based approach to enforcement.
James Dipple-Johnstone, Deputy Commissioner, said:
“Our approach is designed to protect people’s information but also ensure that business is able to function and innovate in the digital age.
“We’ll target our most significant powers on repeated, willful or serious failures to take proper steps to protect personal data and deliver information rights. Our formal regulatory action will serve as an important deterrent where it needs to.”
The consultation closes on 28 June. The revised Policy will be subject to Parliamentary consideration and final approval.