The Information Commissioner’s Office (ICO) has launched the second round of funding from its grants programme to promote and support independent, innovative research and solutions focused on privacy and data protection issues.

Like last year’s inaugural scheme, there will be a number of grants awarded for a minimum £20,000 and a maximum £100,000. Proposals do not need to be technology based but must have a practical application and provide real world solutions that are of clear public benefit to the people of the UK.

The ICO made four awards in the inaugural funding round last year. The relevance of the programme was demonstrated when one of the projects supported by the ICO was specifically welcomed by the UN Special Rapporteur on the Right to Privacy in his End of Mission Statement, following his recent official visit to the UK.

Elizabeth Denham, Information Commissioner, said:

“Information Rights are evolving all the time and it is fair to say that a lot has happened since we launched the inaugural grants programme a year ago.

“The introduction of the GDPR and the new Data Protection Act 2018, along with high-profile cases and incidents, have meant that privacy issues and concerns about how people’s personal information is used have probably never been more prominent.”

Eligible organisations are invited to bid for grants to support independent research and projects that meet one or more of the six strategic goals set out in the ICO’s Information Rights Strategic Plan. The key goal is to increase the public’s trust and confidence in how their personal data is used.

In particular, we are seeking privacy by design or accountability solutions which focus on key privacy challenges, providing clear public benefit with outputs that are open source and re-usable. Examples of areas we are interested in include:

  • Artificial intelligence, big data and machine learning. In particular solutions that would enable effective transparency to individuals or verifiable audit trails.
  • Biometric and facial recognition and data protection safeguards in public and private sector.
  • Children’s’ data, age verification and parental consent verification solutions.
  • Data trusts and the safe sharing of personal information.
  • Good practice, GDPR compliance and self-assessment tools for Small and Medium Organisations (SMOs).
  • Privacy enhancing applications of blockchain and distributed ledger technology that enhance privacy and accountability and minimise use of personal data.
  • Online advertising, cross device tracking and tools that provide revocable consent and transparency.

Further information about the Grants Programme, including eligibility, funding and outcome expectations is available on a dedicated page on the ICO website. 

A webinar for potential applicants, discussing the programme in more detail, will also take place on Tuesday 17 July. You can register to take part here.

Notes to Editors

  1. The Information Commissioner’s Office upholds information rights in the public interest, promoting openness by public bodies and data privacy for individuals.
  2. The ICO has specific responsibilities set out in the Data Protection Act 2018, the Freedom of Information Act 2000, Environmental Information Regulations 2004 and Privacy and Electronic Communications Regulations 2003.
  3. The European Union’s General Data Protection Regulation (GDPR) is a new law which applies in the UK from 25 May 2018. Its provisions are included in the Data Protection Act 2018. The Act also includes measures related to wider data protection reforms in areas not covered by GDPR, such as law enforcement and security. The UK’s decision to leave the EU will not affect the commencement of the GDPR.
  1. Under the GDPR, the data protection principles set out the main responsibilities for organisations. Article 5 of the GDPR requires that personal data shall be:
  • Processed lawfully, fairly and in a transparent manner in relation to individuals;
  • Collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes;
  • Adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed;
  • Accurate and, where necessary, kept up to date;
  • Kept in a form which permits identification of data subjects for no longer than is necessary; and
  • Processed using appropriate technical or organisational measures in a manner that ensures appropriate security of the personal data.
  • Article 5(2) requires that “the controller shall be responsible for, and be able to demonstrate, compliance with the principles.”
  1. The ICO Grants programme will be run in line with our obligations as a public body to account for our expenditure and value for money. We have chosen to run the programme in accordance with the UK Government’s Minimum Grant Standards. Further details on the requirements can be found at Grants Standards - GOV.UK.
  2. To report a concern to the ICO telephone our helpline 0303 123 1113 or go to ico.org.uk/concerns.

We trust you find this information useful. However, if you no longer wish to receive press releases from this office, please email us at pressoffice@ico.org.uk and we will remove your information from our distribution list.