ICO June 2018 Newsletter

 In news, updates
Welcome from the Information 

Commissioner

On Friday 25 May, the General Data Protection Regulation (GDPR) came into effect across the EU, enshrined in the UK in the Data Protection Act 2018.  For the last two years, we have been helping organisations prepare for the new law by producing guidance and targeted online resources, hosting and speaking at dozens of events and setting up a dedicated helpline for small businesses.

The creation of the DPA 2018 is not an end point, it’s just the beginning, in the same way that preparations for the GDPR didn’t end on 25 May.

We’ll be enforcing the GDPR and the new Act but the ICO is here to help. We have a comprehensive package of guidance and resources on our website and we’ll offer advice, guidance and education for organisations of all sectors and sizes.

Finally, if you’re having problems paying the data protection fee, please don’t panic. The requirement to pay a fee to the ICO under data protection law has been in place for 20 years and our data protection fee payment service is available 24 hours a day, seven days a week.

Our work 
Director’s liability – new plans for nuisance call directors to face fines

Commenting on the new plans around director liability, Steve Wood, Deputy Commissioner (Policy), said:

”We welcome these proposals from the Government to make directors themselves responsible for nuisance marketing. We have been calling for a change to the law for a while to deter those who deliberately set out to disrupt people with troublesome calls, texts and emails. These proposed changes will increase the tools we have to protect the public.”


Statement in response to Which? report on consumer data

Steve Wood, also responded to the launch of a report by Which?called “Control, Alt or Delete? The future of consumer data”, calling it “a timely and valuable contribution to the debate on data protection, privacy and the digital economy”.

The Deputy Commissioner (Policy) said: “As consumers, sharing data safely and efficiently can make our lives easier, but that digital trail is valuable so it’s important that it stays safe and is only used in ways that we would expect and can control.”


Beyond 2018 – data protection laws built to last

In her latest blog, Elizabeth Denham welcomed the new Data Protection Act 2018.

The Information Commissioner said: “It’s an evolutionary process for organisations – no business, industry sector or technology stands still. Organisations must continue to identify and address emerging privacy and security risks in the weeks, months and years beyond 2018.”


Raising the bar – consent under GDPR

Steve Wood continued our series of blogs tackling GDPR myths, busting the myth that organisations have to get fresh consent from all their customers to comply with the GDPR.

He said: “Scaremongering about consent still persists but the headlines often lack context or understanding about all the different lawful bases organisations could use for processing personal information under the GDPR.”


ICO consults on how it will use increased powers under upcoming data protection reform

James Dipple-Johnstone, Deputy Commissioner (Operations), introduced our updated Regulatory Action Policy, currently out for consultation. As well as setting out the objectives that will guide the ICO as we take regulatory action, it presents our new powers and explains how we aim to use them.

Our draft Regulatory Action Policy is now available to view, and we are inviting comments until 28 June through our public consultation.


Action we’re taking against nuisance marketing

There were 8,454 nuisance marketing concerns reported to the ICO in April 2018 – an increase of 11% compared with March. We issued five monetary penalties in the same period.

Read our nuisance calls and messages trends report in full here.


Our privacy notice

We have published our new privacy notice, telling you what to expect us to do with your personal information when you make contact with us or use one of our services.

This notice is layered. So, if you wish, you can easily select the reason we process your personal information and see what we do with it. Organisations can use this notice as a template to create their own, and we have also produced a video and an infographic to go along with the notice. Our guidance on the right to be informedalso provides information on creating privacy notices.

Steve Lawrence
Founder and CEO of EEVT
Recent Posts

Start typing and press Enter to search