The UK’s independent authority set up to uphold information rights in the public interest, promoting openness by public bodies and data privacy for individuals.

25 January 2021

While January is always a month for looking ahead, it feels like no discussions of plans for 2021, professionally or personally, are possible without the mention of lockdown, vaccinations or talk of when ‘all this is finished’.

I expect that will also be true of my appearance before the DCMS Select Committee this week. But for all the challenges, I am pleased there is a positive story to tell about the ICO’s upcoming work.

The ICO’s immediate focus remains supporting organisations through the impacts of COVID 19. We have prioritised providing advice and support on data protection related aspects of the pandemic since the start, and will continue to do so, adjusting and responding to the new challenges the country will face until, well, ‘all this is finished’. That work includes protecting people’s rights, and making sure data protection is considered at the earliest stage of any innovations.

Last year we showed we were able to respond to the challenges of the pandemic while continuing to support information rights in the UK. We published a range of guidance to support organisations, covering topics including AI, data sharing and accountability, all demonstrating how good data protection enables innovation and economic growth. We acted to protect people’s information rights, from our FOI self-assessment toolkit to reports on police use of mobile phone extraction and credit reference agencies use of personal data. And when companies got it wrong, we acted proportionately.

This year will be similarly busy.

The Age Appropriate Design Code will start to have a real impact, as the transition period around its introduction comes to an end, and we will be working hard to support organisations to make the necessary changes to comply with the law.

We’ll also be focused on supporting organisations around data sharing, following the publication of our guidance last month. The guidance is accompanied by practical resources to help organisations share data in line with the law. As I discussed with the House of Lords Public Services Committee this month, data sharing is an important area of focus, and we will also be supporting broader work to encourage the necessary culture change to remove obstacles to data sharing.

Other support for organisations planned for this year includes guidance on political campaigning, facial recognition, and codes of conduct and certification schemes, as well as a digital version of our Data Protection Practitioners’ Conference in April. We’ll also have the latest phases of our grants scheme and sandbox programme. Both are an effective way of the ICO supporting original thinking around privacy, illustrated by the innovative data sharing projects we’ve recently worked with.

Our operational work will also continue, including the latest phases of our work looking at data broking, the use of sexual crime victims’ personal information, and adtech, including audits focused on data management platforms.

Throughout, we’ll continue to be guided by the priorities we published last May, and by our Information Rights Strategic Plan.

As you’ll be aware, 2021 marks the end of my five year term as Information Commissioner. My term was scheduled to end in July but following a request from the Secretary of State for DCMS, I have agreed to extend it until the end of October, while the recruitment process for my successor is completed. Information rights have never been more important or impactful, and I’m excited to be leading the ICO’s continued good work into 2021. 

Elizabeth Denham

Elizabeth Denham was appointed UK Information Commissioner on 15 July 2016, having previously held the position of Information and Privacy Commissioner for British Columbia, Canada.