Blog Archives

Blog: Simplifying subject access requests – new detailed SARs guidance

October 21, 2020 boss

21 October 2020 The right of access is a fundamental right under data protection law. And it has never been more necessary. In a world where personal data is used almost everywhere – by everyone – it’s vital that people have the right to be able to find out what’s happening to their information. More and more people are waking up to the power of their personal data, and are exercising their rights. That’s why, as an organisation, it’s important that you know how to deal with a subject access…

Blog: Engagement key in protecting people’s privacy across the UK during the pandemic

October 13, 2020 boss

13 October 2020 Information Commissioner Elizabeth Denham highlights the positive results of the ICO’s engagement with the UK devolved administrations on the use of data in the fight against COVID-19. In times of crisis, the value of collaboration is crucial. That’s been central to the ICO’s approach during the pandemic, whether that’s benefiting from the shared expertise of international colleagues through the Global Privacy Assembly, or working alongside organisations within the UK. Last month, I wrote about the engagement with the Department of Health and Social Care on the England…

Blog: Elizabeth Denham on the conclusion of the ICO’s investigation into the use of personal data in political campaigning

October 6, 2020 boss

06 October 2020 There can be few cases that better illustrate how mainstream data protection has become than the ICO’s investigation into the use of personal data in political campaigning, including by the now defunct Cambridge Analytica. How people’s information was being used became a dinner table topic, prompting undercover news reports, a TV dramatisation and a Netflix documentary. Our work, alongside the sustained contribution of journalists, civil society groups, researchers and parliamentarians, drew back the curtain on a world that so many people were affected by, but so few…

Blog: Data protection considerations and the NHS COVID-19 app

September 18, 2020 boss

18 September 2020 Information Commissioner Elizabeth Denham talks about the regulatory work the ICO has been involved in regarding the England and Wales NHS COVID-19 app. One of the themes of the ICO’s recent work is the use of tech innovation to respond to the challenges prompted by COVID-19. As a regulator, we have an important role to play in those projects, both by enabling progress that can help society, and by protecting the people whose data – and trust – such projects rely on. Our engagement around the England…

Blog: Accountability Framework: demonstrating your compliance

September 10, 2020 boss

Ian Hulme, Director of Regulatory Assurance discusses the launch of our new Accountability Framework and how organisations can take part in the next stage of its development. The accountability requirement of data protection legislation might seem at first like a big task. Organisations must assess the risks they create and take appropriate action. You need to ensure staff are adequately trained, assess your data processing and put data protection at the heart of your organisation. It is more than box ticking or bolt on compliance. It is an opportunity to…

Blog: Ten top tips for innovators

September 8, 2020 boss

8 September 2020 We are always looking for new and innovative ways to offer advice and support to any businesses involved in data protection because it is imperative that consumers who share their personal data with your organisation are confident that this data will be treated fairly, lawfully and transparently. One of the key aims of our Regulators’ Business Innovation Privacy Hub (or to give it its much snappier shorter title, the Innovation Hub), is to collaborate with other regulators to improve the data protection knowledge within innovative businesses in…

Ross Ulbricht Uses Snail Mail to Send Correction for Blog Post on MakerDAO

August 13, 2020 boss

Ross Ulbricht, the founder of SilkRoad, has issued a short follow-up to his essay on MakerDAO (MKR) and how it could be redesigned and improved. The follow-up amounts to a small correction to an assumption he made earlier about the Maker system. In his essay, he was puzzled that the DAI Savings Rate, a reward for “staking” the stablecoin, was higher than what DAI minters paid as interest rate. Indeed this is not the case as the savings rate is obtained from stability fee payments. Raising it above that level…

Blog: ICO launches guidance on AI and data protection

July 30, 2020 boss

Simon McDougall, Deputy Commissioner – Regulatory Innovation and Technology, discusses the relationship between AI and data protection as the ICO publishes new AI guidance. 30 July 2020 Over the past few years, I have witnessed amazing uses of Artificial Intelligence (AI) in areas such as online retail, banking, and healthcare. The recent pandemic has driven innovation in the use of technology and data but some of the challenges for organisations using AI are constant. For example, Is AI the right technology for the problem? What ethical issues does it create?…

OpenAI Bot Writes a Blog, Wows BitcoinTalk With ‘Intelligent’ Posts

July 22, 2020 boss

Developer Manuel Araoz has played a practical joke online to demonstrate the potential of artificial intelligence bots — by having a bot write an article about itself. According to a July 18 post on Araoz’s blog, AI development company OpenAI released GPT-3, the third generation of its language prediction model capable of creating “random-ish sentences of approximately the same length and grammatical structure as those in a given body of text.” The blog entry provides practical information regarding how the technology could be used to impersonate well-known figures by simulating…

Blog: Information Commissioner sets out new priorities for UK data protection during COVID-19 and beyond

May 5, 2020 boss

5 May 2019 A blog by Elizabeth Denham, Information Commissioner. Last month, as the ICO set out its regulatory approach during the COVID-19 pandemic, I spoke of the importance of regulators applying their authority within the larger social and economic situation. The document we published that day made clear what organisations can expect of us in the coming months. My office’s role is to be both an enabler and a protector. We must reflect the requirements and reality of those we regulate, and engage on how data protection can enable…