Chris Taylor, a Head of Assurance at the ICO, blogs about how organisations can help us shape our regulatory sandbox.
For a year or so now, we’ve been talking about our plans to create a regulatory sandbox. A place where organisations are supported to develop innovative products and services using personal data in different ways.
It’s part of our mantra that privacy and innovation go hand in hand. It’s not privacy or innovation, it’s privacy and innovation – because organisations that use our sandbox won’t be exempt from data protection law.
They will have the chance to engage with us, take advantage of our expertise, seek our advice in mitigating risks and consult us on data protection by design. At the same time, and as you’d expect, we’ll be ensuring that appropriate protections and safeguards are in place.
But we’ve a little way to go before we start inviting organisations to get involved. A few weeks ago we launched a call for evidence; this is the first stage in the consultation process and our chance to find out your views on the feasibility, scope and demand for a sandbox. The responses we receive will then help us create a more detailed proposal for consultation.
Individuals and organisations are already getting in touch. We’ve heard from law firms, charities, digital start-ups and people who are simply interested in data rights. They’ve told us about the real benefits that provision of advice could provide, and some of the possibilities there might be. For example, for charities to innovate in the public interest or for organisations to make improvements in health and wellbeing through the safe and innovative use of public data. Perennial issues such as enhancing cyber security and app development also appear.
But we want more. We know that companies and organisations are developing innovative products and services that use personal data in innovative ways. We want to hear from you.
Data protection cuts across all sectors, so we want to hear from you if you work in health, education, the finance industry, transport, retail, the third sector, local government, police and justice . . . the list is endless.
We appreciate that different stakeholders will have different and particular areas of expertise and we’re keen to get views from as many sectors as possible.
We want to know:
- what you think the scope of any such sandbox should be - should we focus on particular innovations, sectors or types of organisations?
- what you think the benefits might be to working in a sandbox, whether that’s our expert input or increased reassurance for your customers or clients.
- what mechanisms you might find most helpful in a sandbox – from adaptations to our approach, to informal steers or the provision of technical guidance – what are the tools that a sandbox might contain?
- at what stage in the design and development process a sandbox would be most useful to you?
It’s easy to share your views with us. Just click on the link to our survey and tell us what you think.
If you want more information about the call for evidence, pleased email the team at firstname.lastname@example.org.
Chris Taylor is a Head of Assurance at ICO working on the development of ICO's operational approach to Codes Of Conduct, Certification Schemes, Regulatory Sandbox and eIDAS.