The UK’s independent authority set up to uphold information rights in the public interest, promoting openness by public bodies and data privacy for individuals.

A blog by Simon McDougall, Executive Director - Technology and Innovation

22 June 2021

In November 2019 I blogged about the ICO appointing Ellis Parry as our first data ethics adviser, to lead our participation in the lively debate about where the GDPR’s legal principles and purely ethical considerations overlap, separate and potentially even conflict.

The global pandemic has thrown this debate into sharper focus, with ongoing innovation around personal data usage at every stage of the crisis. What is a ‘right’ and ‘fair’ purpose and means of processing has become a fundamental, and sometimes time-critical, question. The first goal of our Information Rights Strategic Plan - to increase the public's trust and confidence in how data is used and made available - is more relevant than ever.

During the pandemic, Ellis paused his work on data ethics to join our dedicated COVID-19 team, and I want to express my gratitude to him for his vital contribution. In recent months Ellis resumed work on data ethics, and has helped shape our thinking about how ethical considerations can be used to aid accountability, fairness and transparency. This is reflected in our consultation survey where we sought feedback from organisations on their experiences of integrating ethical considerations into decision-making processes. We focused on four key areas, which were:

  • existing practices;
  • supporting organisational structures;
  • ethical decision-making processes; and
  • information compliance programmes.

Of particular interest to us was how organisations assessed ‘fairness’, and whether those criteria are static. Do they align with existing publicly stated corporate values? Who is responsible for ultimately deciding which factors are relevant when assessing a particular situation? Who makes the final decision, and how are their deliberations recorded?

I want to thank everyone who contributed to the survey - your collective wisdom informed Ellis’s recommendation paper to the ICO on our next steps. We accepted Ellis’s recommendation to continue our engagement in this debate through 2021, without seeking to develop our own guidance materials on data ethics. We recognise that data ethics is a very broad area, with many similarities and alignments with our statutory responsibilities. We will seek to highlight work which we think is helpful, but not take the lead ourselves. Our own thinking will focus on areas such as fairness, harm and risk, in particular with reference to questions relating to algorithmic bias and discrimination, and the possible role codes of conduct and certifications could play in governing and mitigating risk.

My November 2019 blog noted that “It promises to be an interesting year”. I did not know how prescient that would turn out to be. 

Simon McDougall is Executive Director for Technology Policy and Innovation at the ICO where he is developing an approach to addressing new technological and online harms. He is particularly focused on artificial intelligence and data ethics.

He is also responsible for the development of a framework for auditing the use of personal data in machine learning algorithms.