The ICO exists to empower you through information.

The UK Information Commissioner’s Office (ICO) and the European Data Protection Supervisor (EDPS) have signed a Memorandum of Understanding (MoU), which reinforces their common mission to uphold individuals’ data protection and privacy rights, and cooperate internationally to achieve this goal.

The MoU builds on the strong collaboration already established in other forums that both authorities mutually participate in, such as the Global Privacy Assembly and the G7 Data Protection Authorities Roundtable.

The MoU sets out how the authorities will continue to share experiences and best practices; cooperate on specific projects of interest; share information or intelligence to support their regulatory work; and, promote dialogue among data protection authorities and other digital regulators.

John Edwards, UK Information Commissioner, said:

“Today's MoU formalises the existing and ongoing collaboration between my office and the EDPS. We’ll continue to work together both bilaterally, and in other international groups, to find pragmatic solutions to ensure that organisations are supported and aware of their data protection, while upholding people’s information rights.”

Wojciech Wiewiórowski, European Data Protection Supervisor, said:

“This MoU aims to further strengthen the EDPS and ICO’s joint commitment to ensure a consistent and coherent approach to the protection of individuals’ rights to privacy and data protection. This document maps out concretely how both of our authorities, with our respective experiences and knowledge, plan to prioritise individuals’ fundamental rights across the EU and the UK.”

The MoU will not involve the sharing of personal data and is in line with the ICO’s legal responsibilities. It fits firmly with the UK commitment to protect the personal data of its citizens, while enabling the opportunities of digital innovation.

Notes to Editors

About the Information Commissioner’s Office (ICO)

  1. The ICO is the UK’s independent regulator for data protection and information rights law, upholding information rights in the public interest, promoting openness by public bodies and data privacy for individuals.
  2. The ICO has specific responsibilities set out in the Data Protection Act 2018 (DPA2018), the United Kingdom General Data Protection Regulation (UK GDPR), the Freedom of Information Act 2000 (FOIA), Environmental Information Regulations 2004 (EIR), Privacy and Electronic Communications Regulations 2003 (PECR) and a further five acts and regulations.
  3. The ICO can take action to address and change the behaviour of organisations and individuals that collect, use, and keep personal information. This includes criminal prosecution, non-criminal enforcement and audit.
  4. To report a concern to the ICO telephone call our helpline on 0303 123 1113, or go to

About the European Data Protection Supervisor (EDPS)

  1. The EDPS is the independent supervisory authority with responsibility for monitoring the processing of personal data by the EU institutions and bodies, advising on policies and legislation that affect privacy and cooperating with similar authorities to ensure consistent data protection. Its mission is also to raise awareness on risks and protect people’s rights and freedoms when their personal data is processed.
  2. The rules for data protection in the EU institutions, as well as the duties of the European Data Protection Supervisor (EDPS), are set out in Regulation (EU) 2018/1725.
  3. Wojciech Wiewiórowski (EDPS) was appointed by a joint decision of the European Parliament and the Council to serve a five-year term, beginning on 6 December 2019.