News, blogs and speeches

Data Protection Impact Assessments and AI

23 October 2019, Blog

Simon Reader, Senior Policy Officer, discusses some of the key considerations for organisations undertaking data protection impact assessments for Artificial Intelligence (AI) systems.

Blog: How coming to work at the ICO on a secondment can benefit both of us

22 October 2019, Blog

We have significantly expanded our permanent workforce over the last two years but we are also keen to increase the variety and number of people who join us on temporary secondment from other organisations.

Blog: Global collaboration and how it helps the UK

21 October 2019, Blog

A blog by Elizabeth Denham, Information Commissioner.

Privacy and Innovation - Lessons learnt from the FCA TechSprint

16 October 2019, Blog

I’ve found there’s often a misconception that regulation seeks to stifle innovation and that the role of regulators is to add layers of red tape. 

Enabling access, erasure, and rectification rights in AI systems

15 October 2019, Blog

Reuben Binns, our Research Fellow in Artificial Intelligence (AI), discusses the challenges organisations may face in implementing mechanisms in AI systems that allow data subjects to exercise their rights of access, rectification and erasure

Privacy attacks on AI models

12 September 2019, Blog

Reuben Binns, our Research Fellow in Artificial Intelligence (AI), and Andrew Paterson, Principal Technology Adviser, discuss new security risks associated with AI, whereby the personal data of the people who the system was trained on might be revealed by the system itself.

Data minimisation and privacy-preserving techniques in AI systems

21 August 2019, Blog

Reuben Binns, our Research Fellow in Artificial Intelligence (AI), and Valeria Gallo, Technology Policy Adviser, discuss some of the techniques organisations can use to comply with data minimisation requirements when adopting AI systems.

Blog: Three top issues for town and parish councils

14 August 2019, Blog

The advent of the GDPR in May 2018 brought new data protection obligations for many organisations. Some of this presented a challenge, particularly for smaller organisations like parish and town councils, who we saw were keen to demonstrate their compliance but needed support to achieve this.

Protecting children online: update on progress of ICO code

07 August 2019, Blog

In April, I blogged about the ICO’s work to help protect children online. I’m pleased to report that my team and I are making good progress on producing a code that will translate General Data Protection Regulation (GDPR) requirements into design standards for online services.  

Fully automated decision making AI systems (blogger post)

05 August 2019, Blog

Reuben Binns, our Research Fellow in Artificial Intelligence (AI), and Valeria Gallo, Technology Policy Adviser, discuss some of the key safeguards organisations should implement when using solely automated AI systems to make decisions with significant impacts on data subjects.

People care more about how their personal data is used. But what aspects cause them most concern?

31 July 2019, Blog

Information Commissioner Elizabeth Denham introduces our Annual Track 2019 report.

AI Auditing Framework blog: Trade-offs

25 July 2019, Blog

Reuben Binns, our Research Fellow in Artificial Intelligence (AI), and Valeria Gallo, Technology Policy adviser, discuss how using AI can require trade-offs between data protection principles, and what organisations can do to assess and balance them.

Blog: Live facial recognition technology - data protection law applies

09 July 2019, Blog

Any organisation using software that can recognise a face amongst a crowd then scan large databases of people to check for a match in a matter of seconds, is processing personal data.

Blog: Developing the ICO AI Auditing Framework: an update

04 July 2019, Blog

Simon McDougall, Executive Director for Technology and Innovation reflects on the progress made in developing the ICO approach to auditing Artificial Intelligence (AI), and some of the broad themes emerging from the feedback received so far.

Blog: Cookies – what does ‘good’ look like?

03 July 2019, Blog

Since the General Data Protection Regulation (GDPR) came into effect last May, there has been a great deal of interest in how it applies to cookies and similar technologies.

Human bias and discrimination in AI systems

25 June 2019, Blog

Blogger post: As part of our AI auditing framework blog series, Reuben Binns, our Research Fellow in Artificial Intelligence (AI), and Valeria Gallo, Technology Policy adviser, look at how AI can play a part in maintaining or amplifying human biases and discrimination.

Blog: Supporting people accessing their data from the police

25 June 2019, Blog

Anyone in the UK has the legal right to find out what information is held about them by organisations and ask for a copy free of charge within one calendar month. This is known as a subject access request (SAR).

Blog: ICO Adtech update report published following industry engagement

20 June 2019, Blog

In recent months we’ve been reviewing how personal data is used in real time bidding (RTB) in programmatic advertising, engaging with key stakeholders directly and via our fact-finding forum event to understand the views and concerns of those involved.

Blog: Counting the cost of accessing environmental information

03 June 2019, Blog

At the beginning of May, Parliament declared a ‘climate change emergency’ and concerns about the environment make news headlines almost every day. So it’s more important than ever that people are able to get the information they need to take part in informed debates.

When it comes to explaining AI decisions, context matters

03 June 2019, Blog

Blogger post:  Alex Hubbard, Senior Policy Officer at the ICO, looks at some of the key themes identified in the ICO and The Alan Turing Institute’s interim report about explanations of AI decisions.

GDPR - one year on

30 May 2019, Blog

Last May marked a seismic shift in privacy and information rights with the implementation of the General Data Protection Regulation (GDPR) and the Data Protection Act 2018.

Work begins on creating ICO Sandbox short list as application period closes

28 May 2019, Blog

Applications for the   ICO Sandbox   have now closed and we have had a fantastic response, with 64 submissions received in total.

Known security risks exacerbated by AI

23 May 2019, Blog

We would like to hear your views on how known security risks can be exacerbated by AI. We welcome any feedback on our current thinking. 

Blog: Data protection doesn’t take a day off

10 May 2019, Blog

Last year we began taking action against organisations for non-payment of the data protection fee, sending out a clear message that those who didn’t pay risked a fine.

Blog: Using biometric data in a fair, transparent and accountable manner

10 May 2019, Blog

As technology takes ever greater strides, so organisations and businesses are harnessing its capabilities to help manage their contact with customers, including using it for means of identification and authentication.

Helping us strike the right balance between journalism and data protection

29 April 2019, Blog

Privacy and freedom of expression are both fundamental rights that are equally vital to our society, democracy and way of life. But they can sometimes appear to be in conflict with each other. Our data protection laws aim to reconcile these rights and achieve a crucial balance. But it is important that those organisations engaged in journalism know how to apply the requirements and exemptions in practice.

Blog: Children’s privacy – new standards for online services will help protect children

12 April 2019, Blog

Automated Decision Making: the role of meaningful human reviews (hosted on Blogger)

12 April 2019, Blog

In the first detailed element of our AI framework blog series, Reuben Binns, our Research Fellow in AI, and Valeria Gallo, Technology Policy Adviser, explore how organisations can ensure ‘meaningful’ human involvement to make sure AI decisions are not classified as solely automated by mistake. 

Accuracy of AI system outputs and performance measures

12 April 2019, Blog

Continuing our AI auditing framework blog  series , Reuben Binns, our Research Fellow in Artificial Intelligence (AI), and Valeria Gallo, Technology Policy Adviser, explore how the data protection principle of accuracy applies to AI systems, and propose some steps organisations should take to ensure compliance.

Blog: Data Protection law does not prevent information sharing to save lives and stop crime

12 April 2019, Blog

Steve Wood reminds public and private organisations that new data protection legislation does not stop them from disclosing personal data to assist police forces or other law enforcement authorities.

An overview of the Auditing Framework for Artificial Intelligence and its core components

26 March 2019, Blog

Reuben Binns, our Research Fellow in AI, and Valeria Gallo, ICO Technology Policy Advisor, outline the proposed structure, core components and areas of focus of the ICO ’s new auditing framework for artificial intelligence (AI).

The ICIC adopts Johannesburg Charter

18 March 2019, Blog

The ICIC is the International Conference of Information Commissioners.  The Conference was first held in 2003 when Information Commissioners and Ombudsmen met for the first time in Berlin to adopt a declaration for further cooperation and experience sharing among regulatory authorities charged with overseeing the access to public information.

A call for participation: Building the ICO’s auditing framework for Artificial Intelligence

18 March 2019, Blog

Simon McDougall, Executive Director for Technology Policy and Innovation, invites comment from organisations on the development of an auditing framework for AI.

Blog: Adtech fact finding forum shows consensus on need for change

07 March 2019, Blog

There’s a well-quoted line from Steve Jobs, that as Apple CEO he didn’t employ smart people to tell them what to do, but so that they could tell him what to do.

Blog: Why the right of access to patient data needn’t be a headache for GPs

07 March 2019, Blog

A patient’s right to access their own medical records from their GP is a long-established principle supported and strengthened by data protection law, most recently the General Data Protection Regulation (GDPR).

Blog: Advancing the adtech debate from a data protection perspective

12 February 2019, Blog

Simon McDougall highlights three areas of concern in the adtech industry and invites stakeholders to a fact-finding forum.

Blog: Show you mean business by paying the Data Protection Fee

07 February 2019, Blog

Paul Arnold, Deputy CEO, explains to small businesses why they need to pay the data protection fee. 

Blog: Your views will help us build our regulatory sandbox

30 January 2019, Blog

Blog: How will personal data continue to flow after Brexit?

25 January 2019, Blog, Central government

Elizabeth Denham's latest blog busts the myths for UK companies transferring personal data to and from the EEA

Openness by Design: ICO’s access to information strategy is published for consultation

14 January 2019, Blog

A blog by Director of Freedom of Information Gill Bull to introduce the ICO’s proposed strategy for Freedom of Information and invite comments to inform a final version.

Access to serious sexual crime victims’ personal information – how much is too much?

19 December 2018, Blog

A blog by Deputy Commissioner James Dipple-Johnstone for police, the criminal justice system and victims’ support groups.

Data protection and Brexit - ICO advice for organisations

13 December 2018, Blog

Information Commissioner Elizabeth Denham sets out how the ICO is helping businesses prepare for a possible no-deal Brexit

Sleigh-ing the Christmas GDPR myths

06 December 2018, Blog

In the latest of our series of GDPR myth-busting blogs, a new post by Deputy Commissioner (Policy) Steve Wood tackles some misconceptions which have sprung up around how the new data protection law might affect your Christmas.

ICO's blog on its international work

30 November 2018, Blog

The ICO's ongoing contributions to the upholding of information rights across the globe.

Information Commissioner’s investigation into the Metropolitan Police Service

16 November 2018, Blog

Gang violence is a matter of national concern – but the tools to tackle it must be fair, fit for purpose and above all, trusted by those communities at most risk.

ICO’s investigation into the use of data analytics in political campaigns

06 November 2018, Blog

The Information Commissione has published a report to Parliament that brings the various strands of our investigation up to date. 

ICO welcomes Government’s early signing of the modernised Convention 108

10 October 2018, Blog

Today, a modernised version of the Council of Europe’s Convention 108 opens for signature in Strasbourg and the ICO is delighted that the UK Government is among the very first signatories.

Meet the new ICO Director Strategic Policy (International)

04 October 2018, Blog

Anneke Schmider has been recently appointed to the new role Director of Strategic Policy (International) at the ICO.

ICO discusses GDPR Strategy at the third European Data Protection Board Plenary meeting

27 September 2018, Blog

This week the UK’s Information Commissioner and Deputy Commissioners attended the third meeting of the European Data Protection Board (EDPB).

Blog: Continuous CCTV in taxis – where do councils stand?

14 August 2018, Blog

CCTV cameras have become a part of our everyday lives, we go about our business largely unaware of them. They can serve as a valuable tool for security, crime prevention and detection.