UK data regulator claims government plans threaten ICO independence



UK data regulator Information Commissioner Elizabeth Denham has fired a coup de grace against the government, saying its new regulatory framework compromises the independence of her office.

Denham, who has held the post since 2016, is due to leave soon, to be replaced by New Zealand’s Privacy Commissioner John Edwards.

Last month, in the wake of Brexit, the government launched a consultation on a new regulatory framework for data protection that could see it deviating from the GDPR. This caused some consternation, given that a few weeks earlier the UK had persuaded the EU to grant it data adequacy on the grounds that it was broadly aligned with the GDPR.

And now, in a consultation paper responding to the proposals, Denham has expressed concerns that the proposals could undermine the independence of the Information Commissioner’s (ICO) office.

Although the office is sponsored by the Department of Digital, Culture, Media and Sports (DCMS), it is currently a public body independent of government. However, in a new governance model that is part of the government’s proposals, the Secretary of State would be given the power to approve the directions of the ICO and appoint its CEO. And if the ICO is largely in favor of changes in governance, this is where it poses a problem.

The proposals would allow the Secretary of State to approve new or complex codes of practice and directions. These are, according to the OIC, key mechanisms through which it exercises its functions, and giving the government a veto would undermine its role.

“For the future ICO to be able to hold the government to account, it is essential that its governance model preserves its independence and is viable, within the framework defined by the parliament and with effective accountability” said Denham.

“The current proposals for the Secretary of State to endorse ICO guidelines and appoint the CEO do not sufficiently protect this independence. I urge the government to reconsider these proposals to ensure that the independence of the regulator is preserved. . ”

She emphasizes that independence allows the ICO to regulate without fear or favor and helps maintain public confidence in the organization. Meanwhile, the question arises of how the UK is viewed abroad, especially as other jurisdictions move towards stricter, rather than looser, data protection standards.

“As chairman of the Global Privacy Assembly, I have seen a clear trend towards high standards of data protection around the world. I welcome the recognition of the value of our high standards of data protection in international trade, ”says Denham.

“These standards make it easier to sell products and services. It’s good for the public and good for business. Any reform of the UK data protection regime must therefore always be assessed in terms of its impact on the ease with which data can be transmitted. flows between international jurisdictions.

The OIC is also concerned about various other elements of the proposals, such as the removal of the obligation to examine whether legitimate interests in data processing outweigh the fundamental rights and freedoms of individuals, the removal of the right to a humane review of decision-making; and the introduction of a small fee for making a subject access request.


Leave A Reply

Your email address will not be published.