The Information Commissioner’s Office (ICO) has launched a Grants Programme to promote and support independent, innovative research and solutions focused on privacy and data protection issues.

There will be a number of grants awarded each year. Awards will be for a minimum £20,000 and a maximum £100,000.

 The objectives of the ICO Grants Programme are to: 

  • Support and encourage research and privacy enhancing solutions in significant areas of data protection risk, focused on projects that will make a real different to the UK public.
  • Increase awareness of privacy enhancing solutions with data controllers across the UK.
  • Improve understanding of how individuals view privacy issues, interactions with new technologies and promote better public awareness.
  • Promote uptake and application of research results by relevant stakeholders, including policy makers.
  • Develop existing privacy research capacity in academic and not-for-profit sectors.

 Proposals do not need to be technology based but must have practical application and provide real world solutions that are of clear public benefit to the UK.

 Elizabeth Denham, Information Commissioner, said:

“Information Rights evolve with time. The new Grants Programme is designed to give practical research and policy a stronger voice in this evolution.

“At the core of our new Information Rights Strategic Plan is the objective of promoting trust for the public. Current research shows that 75% of the public don’t trust the way that their personal data is used. I want to see that number reduce and that requires evidence of what is causing the problem and well considered ideas for how to address it.”

Eligible organisations are invited to bid for grants to facilitate independent research and projects that meet one or more of the five strategic goals set out in the ICO’s Information Rights Strategic Plan:

  1. To increase the public’s trust and confidence in how data is used and made available.
  2. Improve standards of information rights practice through clear, inspiring and targeted engagement and influence.
  3. Maintain and develop influence within the global information rights regulatory community.
  4. Stay relevant, provide excellent public service and keep abreast of evolving technology.
  5. Enforce the laws we help shape and oversee.

In particular, we are seeking proposals that align with goals 1, 2 and 4.

This year we are seeking privacy by design or accountability solutions which focus on key privacy challenges or the privacy implications of new technologies such as big data, artificial intelligence, machine learning, social scoring and blockchain. 

We are also interested in projects that address the privacy challenges related to children and the internet.

Further information about the Grants Programme, including eligibility, funding and outcome expectations is available on a dedicated page on the ICO website.

A webinar discussing the programme in more detail will also take place from 2pm-3pm on Thursday 15 June. You can register to take part here.

If you need more information, please contact the ICO press office on 0303 123 9070, or visit the media section on our website.

 

Notes to Editors

  1. The Information Commissioner’s Office upholds information rights in the public interest, promoting openness by public bodies and data privacy for individuals.
  1. The ICO has specific responsibilities set out in the Data Protection Act 1998, the Freedom of Information Act 2000, Environmental Information Regulations 2004 and Privacy and Electronic Communications Regulations 2003.
  1. The ICO can take action to change the behaviour of organisations and individuals that collect, use and keep personal information. This includes criminal prosecution, non-criminal enforcement and audit. The ICO has the power to impose a monetary penalty on a data controller of up to £500,000.
  1. Anyone who processes personal information must comply with eight principles of the Data Protection Act, which make sure that personal information is:
  • fairly and lawfully processed;
  • processed for limited purposes;
  • adequate, relevant and not excessive;
  • accurate and up to date;
  • not kept for longer than is necessary;
  • processed in line with your rights;
  • secure; and
  • not transferred to other countries without adequate protection.
  1. The Privacy and Electronic Communications Regulations (PECR) sit alongside the Data Protection Act. They give people specific privacy rights in relation to electronic communications.

There are specific rules on:

  • marketing calls, emails, texts and faxes;
  • cookies (and similar technologies);
  • keeping communications services secure; and
  • customer privacy as regards traffic and location data, itemised billing, line identification, and directory listings.

We aim to help organisations comply with PECR and promote good practice by offering advice and guidance. We will take enforcement action against organisations that persistently ignore their obligations.

  1. Civil Monetary Penalties (CMPs) are subject to a right of appeal to the (First-tier Tribunal) General Regulatory Chamber against the imposition of the monetary penalty and/or the amount of the penalty specified in the monetary penalty notice.
  1. Any monetary penalty is paid into the Treasury’s Consolidated Fund and is not kept by the Information Commissioner’s Office (ICO).
  1. To report a concern to the ICO telephone our helpline 0303 123 1113 or go to org.uk/concerns/
  1. The General Data Protection Regulation (GDPR) is a new law that will replace the Data Protection Act 1998 and will apply in the UK from 25 May 2018. The government has confirmed that the UK’s decision to leave the EU will not affect the commencement of the GDPR.