In our data-driven world, it’s more important than ever to know who is using people’s personal data, and why.

Today the Information Commissioner’s Office (ICO) is launching the ‘Be Data Aware’ campaign to help people understand how organisations might be using their data to target them online, and how people can control who is targeting them.

This includes understanding how organisations use people’s data to reach them with social media adverts to market goods or services and for political marketing.

The ICO’s ongoing investigation into the use of data analytics for political purposes has uncovered the ‘behind the scenes’ processing of personal data, including algorithms, analysis, data matching and profiling that involves people’s personal information.

One of the recommendations from the investigation was for the ICO to continue to educate the public on the impact of new and developing technologies and the use of data analytics in political campaigns.

The Be Data Aware campaign does just that. With a number of resources, including downloadable factsheets on privacy and advertising settings, information about people’s right to be informed and explanations of how online microtargeting works, this new campaign reminds people of their rights under the GDPR and how to exercise them.

Information Commissioner Elizabeth Denham said:

“Our goal is to effect change and ensure confidence in our democratic system. And that can only happen if people are fully aware of how organisations are using their data, particularly if it happens behind the scenes.

“New technologies and data analytics provide persuasive tools that allow campaigners to connect with voters and target messages directly at them based on their likes, swipes and posts. But this cannot be at the expense of transparency, fairness and compliance with the law.”

For more information and to download the campaign resources visit ico.org.uk/bedataaware.

Notes to Editors

  1. The Information Commissioner’s Office (ICO) is the UK’s independent regulator for data protection and information rights law, upholding information rights in the public interest, promoting openness by public bodies and data privacy for individuals.
  2. The ICO has specific responsibilities set out in the Data Protection Act 2018 (DPA2018), the General Data Protection Regulation (GDPR), the Freedom of Information Act 2000 (FOIA), Environmental Information Regulations 2004 (EIR) and Privacy and Electronic Communications Regulations 2003 (PECR).
  3. The General Data Protection Regulation (GDPR) is a new data protection law which applies in the UK from 25 May 2018. Its provisions are included in the Data Protection Act 2018. The Act also includes measures related to wider data protection reforms in areas not covered by the GDPR, such as law enforcement and security.
  4. Since 25 May 2018, the ICO has the power to impose a civil monetary penalty (CMP) on a data controller of up to £17million (20m Euro) or 4% of global turnover.
  5. To report a concern to the ICO go to ico.org.uk/concerns.