The UK’s independent authority set up to uphold information rights in the public interest, promoting openness by public bodies and data privacy for individuals.

News, blogs and speeches

131 in total

Information Commissioner looks ahead to 2021

25 January 2021, Blog

While January is always a month for looking ahead, it feels like no discussions of plans for 2021, professionally or personally, are possible without the mention of lockdown, vaccinations or talk of when ‘all this is finished’.  

Maintaining data flows for a digital world

22 January 2021, Blog

Information Commissioner Elizabeth Denham looks at the data protection aspects of the recently agreed UK-EU trade agreement.

Six things to consider when using algorithms for employment decisions

18 December 2020, Blog

We have highlighted six key points organisations must consider before implementing algorithms for hiring purposes.

Supporting NHS COVID-19 vaccine research in the pandemic

15 December 2020, Blog

The ICO has been working with NHS Digital during the pandemic as part of the sandbox to help them deliver a mechanism to sign volunteers up to COVID-19 vaccine research. 

Blog: Access to information: driving change through education, engagement and enforcement

12 November 2020, Blog

Here at the ICO, we recognise how hard organisations are working to keep running effective businesses and services in the face of the Covid-19 pandemic.

Sandbox helps develop innovative tools to combat financial crime

05 November 2020, Blog

Two innovations to help companies tackle financial crime are the latest results to come out of the sandbox.

Blog: Simplifying subject access requests – new detailed SARs guidance

21 October 2020, Blog

The right of access is a fundamental data right under data protection law. And it has never been more necessary.

Engagement key in protecting people’s privacy across the UK during the pandemic

13 October 2020, Blog

Information Commissioner Elizabeth Denham highlights the positive results of the ICO’s engagement with the UK devolved administrations on the use of data in the fight against COVID-19.

Blog: the conclusion of the ICO’s investigation into the use of personal data in political campaigning

06 October 2020, Blog

There can be few cases that better illustrate how mainstream data protection has become than the ICO’s investigation into the use of personal data in political campaigning, including by the now defunct Cambridge Analytica.  

Blog: Data protection considerations and the NHS COVID-19 app

18 September 2020, Blog

Information Commissioner Elizabeth Denham talks about the regulatory work the ICO has been involved with the England and Wales NHS COVID-19 app.

Accountability Framework: demonstrating your compliance

17 September 2020, Blog

The accountability requirement of data protection legislation might seem at first like a big task.  

Ten top tips for innovators

08 September 2020, Blog

We have produced a series of data protection tips that anybody involved in any sector can utilise when innovating to ensure that they are building in the right data protection compliance from the outset.

Annual survey gives insight into people's information rights views

27 August 2020, Blog

As the UK economy adjusts to the impact of COVID-19, it has never been more important for organisations to understand what their customers want and expect.  

ICO launches guidance on AI and data protection

30 July 2020, Blog

Simon McDougall, Deputy Commissioner - Regulatory Innovation and Technology, discusses the relationship between AI and data protection as the ICO publishes new AI guidance.

FOI and coronavirus – preparing for recovery

17 July 2020, Blog

As the UK’s response to COVID-19 continues to evolve towards recovery we have made changes to our adapted regulatory approach

Information Commissioner updates on the ICO’s regulatory approach during COVID-19 and beyond

14 July 2020, Blog

When the ICO set out how we would regulate during COVID-19 I wrote of the importance of regulators taking account of the larger social and economic context.

Information Commissioner sets out new priorities for UK data protection during COVID-19 and beyond

05 May 2020, Blog

A blog by Elizabeth Denham, Information Commissioner.

Combatting COVID-19 through data: some considerations for privacy

17 April 2020, Blog

A blog by Elizabeth Denham, Information Commissioner.

Video conferencing: what to watch out for

15 April 2020, Blog

Ian Hulme, the ICO’s Director of Assurance gives business owners, employers and managers advice about how to safely roll out the latest video conferencing technology.

Grwpiau cymunedol a COVID-19

30 March 2020, Blog

Wrth i COVID-19 barhau i ysgubo ar draws y Deyrnas Unedig, mae mwy a mwy o bobl yn cael eu sbarduno i helpu'r rhai sy’n fwyaf agored i niwed yn ein cymunedau. Mae grwpiau eglwysig, cymdeithasau cymdogaeth a chymdeithasau trigolion yn cael eu sefydlu i gefnogi gwaith grwpiau cymunedol, gwasanaethau ac elusennau sy'n bodoli eisoes.  

Community groups and COVID-19: what you need to know about data protection

26 March 2020, Blog

As COVID-19 continues to sweep across the UK, more and more people are driven to help the most vulnerable in our communities. 

Don’t get caught out when it comes to pupil photos

09 March 2020, Blog

We’ve issued two reprimands, which are legal warnings, recently to schools for wrongly disclosing the personal data of children.

Combining privacy and innovation: ICO Sandbox six months on

09 March 2020, Blog

It’s been an exciting, interesting and challenging first six months for the ICO Sandbox – both for those externally involved in the various projects and for the ICO staff working on the scheme. Ian Hulme discusses the progress so far.

ICO attends the second ICIC FOI case handling workshop

23 January 2020, Blog

Hosted by the Gibraltar Regulatory Authority, the annual workshop provides an opportunity for different jurisdictions across the globe to share working practices and ideas. ICO colleagues in attendance provide an overview of the event.

Blog: Adtech - the reform of real time bidding has started and will continue

17 January 2020, Blog

The adtech real time bidding (RTB) industry is complex, involving thousands of companies in the UK alone. 

Blog: The benefits of sharing personal data – what can we learn from Open Banking?

06 January 2020, Blog

The ICO’s Regulators’ Business Innovation Privacy Hub has recently been looking at the key data protection considerations for innovators who are working in the Open Banking space.

Trust, technology and slippers with torches

23 December 2019, Blog

Much has changed since Jonathan Bamford, (former)  Director of Strategic Policy  (Domestic Policy),  joined the Information Commissioner’s Office, but as he comes to retire, he reflects on 34 years in data protection. 

Adtech and the data protection debate – where next?

20 December 2019, Blog

Six months ago we issued our Adtech Update Report with a clear message to industry that they had six months to read, internalise and act upon our report. Our view from the outset was that this is an industry problem requiring an industry solution. We have just reached the end of that six month period and are reviewing our findings.

The Data Protection Fee: does your company need to pay?

03 December 2019, Blog

We have launched a campaign to contact all registered companies in the UK reminding them of their legal responsibility to pay a data protection fee.

ICO and The Alan Turing Institute open consultation on first piece of AI guidance

02 December 2019, Blog

What do we really understand about how decisions are made about us using artificial intelligence (AI)? The potential for AI is huge, but its implementation is often complex, which makes it difficult for people to understand how it works. And when people don’t understand a technology, it can lead to doubt, uncertainty and mistrust.  

Blog: Data ethics and the digital economy

18 November 2019, Blog

We’ve just appointed our first data ethics adviser, Ellis Parry, to consider data protection and ethics challenges over the next year.

Why special category personal data needs to be handled even more carefully

14 November 2019, Blog

Imagine if your medical records, information about your sex life or your political opinions were put into the public domain so anyone could see them. When personal data is shared by mistake the effects can be extremely damaging.

Information rights blog: Access to Information in Turbulent Times

13 November 2019, Blog

This is the first in a series of blog posts covering our regulation of access to information legislation. The first post is by Gill Bull, ICO’s Director of Freedom of Information Complaints and Compliance, who delivered the 2019 Bond Lecture at the British Records Association on 13 November 2019.

Live facial recognition technology – police forces need to slow down and justify its use

31 October 2019, Blog

As far back as Sir Robert Peel, the powers of the police have always been seen as dependent on public support of their actions. It’s an ideal starting point as we consider uses of technology like live facial recognition (LFR).

AI Auditing Framework Call for Input: final considerations and next steps

28 October 2019, Blog

As the initial Call for Input into the development of the ICO AI Auditing Framework comes to an end, Simon McDougall, Executive Director for Technology and Innovation, reflects on some of the overarching themes that have emerged in the first phase of our work.

Blog: Embedding accountability – we want to hear from you

28 October 2019, Blog

A blog by Ian Hulme, Director for Regulatory Assurance.

Data Protection Impact Assessments and AI

23 October 2019, Blog

Simon Reader, Senior Policy Officer, discusses some of the key considerations for organisations undertaking data protection impact assessments for Artificial Intelligence (AI) systems.

Blog: How coming to work at the ICO on a secondment can benefit both of us

22 October 2019, Blog

We have significantly expanded our permanent workforce over the last two years but we are also keen to increase the variety and number of people who join us on temporary secondment from other organisations.

Blog: Global collaboration and how it helps the UK

21 October 2019, Blog

A blog by Elizabeth Denham, Information Commissioner.

Privacy and Innovation - Lessons learnt from the FCA TechSprint

16 October 2019, Blog

I’ve found there’s often a misconception that regulation seeks to stifle innovation and that the role of regulators is to add layers of red tape. 

Enabling access, erasure, and rectification rights in AI systems

15 October 2019, Blog

Reuben Binns, our Research Fellow in Artificial Intelligence (AI), discusses the challenges organisations may face in implementing mechanisms in AI systems that allow data subjects to exercise their rights of access, rectification and erasure

Privacy attacks on AI models

12 September 2019, Blog

Reuben Binns, our Research Fellow in Artificial Intelligence (AI), and Andrew Paterson, Principal Technology Adviser, discuss new security risks associated with AI, whereby the personal data of the people who the system was trained on might be revealed by the system itself.

Data minimisation and privacy-preserving techniques in AI systems

21 August 2019, Blog

Reuben Binns, our Research Fellow in Artificial Intelligence (AI), and Valeria Gallo, Technology Policy Adviser, discuss some of the techniques organisations can use to comply with data minimisation requirements when adopting AI systems.

Blog: Three top issues for town and parish councils

14 August 2019, Blog

The advent of the GDPR in May 2018 brought new data protection obligations for many organisations. Some of this presented a challenge, particularly for smaller organisations like parish and town councils, who we saw were keen to demonstrate their compliance but needed support to achieve this.

Protecting children online: update on progress of ICO code

07 August 2019, Blog

In April, I blogged about the ICO’s work to help protect children online. I’m pleased to report that my team and I are making good progress on producing a code that will translate General Data Protection Regulation (GDPR) requirements into design standards for online services.  

Fully automated decision making AI systems (blogger post)

05 August 2019, Blog

Reuben Binns, our Research Fellow in Artificial Intelligence (AI), and Valeria Gallo, Technology Policy Adviser, discuss some of the key safeguards organisations should implement when using solely automated AI systems to make decisions with significant impacts on data subjects.

People care more about how their personal data is used. But what aspects cause them most concern?

31 July 2019, Blog

Information Commissioner Elizabeth Denham introduces our Annual Track 2019 report.

AI Auditing Framework blog: Trade-offs

25 July 2019, Blog

Reuben Binns, our Research Fellow in Artificial Intelligence (AI), and Valeria Gallo, Technology Policy adviser, discuss how using AI can require trade-offs between data protection principles, and what organisations can do to assess and balance them.

Blog: Live facial recognition technology - data protection law applies

09 July 2019, Blog

Any organisation using software that can recognise a face amongst a crowd then scan large databases of people to check for a match in a matter of seconds, is processing personal data.

Blog: Developing the ICO AI Auditing Framework: an update

04 July 2019, Blog

Simon McDougall, Executive Director for Technology and Innovation reflects on the progress made in developing the ICO approach to auditing Artificial Intelligence (AI), and some of the broad themes emerging from the feedback received so far.