What’s the latest on the ICO privacy seals?

By Gemma Farmer, Senior Policy Officer.

Privacy seal

It’s been a little while since we talked about the ICO’s plans to introduce a brand new, consumer facing privacy seal for UK data controllers.

Since then we’ve continued beavering away behind the scenes, laying the legal and technical foundations and exploring how to best achieve the high level of consumer recognition that will be essential to the success of the privacy seal. Putting these in place is taking a little time, but once these foundations are ready, we will publish the final framework criteria and invite proposals from potential scheme operators who would like to run an ICO endorsed privacy seal scheme. Continue reading

Posted in Gemma Farmer | Tagged , , , , , | Leave a comment

The EU Regulation – approaching the home straight?

By David Smith, Deputy Commissioner and Director of Data Protection.


As Brussels takes its summer holidays (we soldier on here at the ICO!), it’s an opportune time to again take stock of what still needs to be done before we see the EU’s data protection reforms in place. Back in February, I said we’re not even in the home straight, let alone close to the finishing line. This blog brings positive news of real progress. There’s still some way to go, but that home straight does seem closer. Continue reading

Posted in David Smith | Tagged , , , , , | Leave a comment

Personal data in leaked datasets is still personal data

By Simon Rice, Group Manager for Technology

Personal data in leaked datasets is still personal dataThey say ‘no publicity is bad publicity’, but after spending most of the week trending on Twitter, I wonder if the users of the Ashley Madison site might disagree.

Having already prompted a flurry of news stories when the online attack of the Ashley Madison servers was first revealed, this week we’ve seen another wave of coverage as the personal data was published online. Continue reading

Posted in Simon Rice | Tagged , , , , , , | Leave a comment

Insurers using subject access requests to see medical information

The Information Commissioner has been considering the emerging practice of insurance companies obtaining medical records by using patients’ subject access rights.

We recognise that insurance companies may have a genuine need to review medical information about its customers when providing policies like life and critical illness cover. Continue reading

Posted in ICO | Tagged , , , | Leave a comment

Crimewatch: exposing one of the most common DPA exemptions

Today we’ve launched an update of our guidance around one of the most commonly used exemptions under the Data Protection Act – crime and taxation.

Disclosing information to prevent or detect crime may seem a fairly straightforward exemption on the surface, but once organisations have to consider real-world examples, it can appear more complex. Continue reading

Posted in Thomas Oppé | Tagged , , , , | Leave a comment

New opportunities and increased accountability: public sector re-use rules come into force

By Steve Wood, Head of Policy Delivery.

RPSIThis weekend, as most of us will be hoping that rain doesn’t interrupt summer fêtes, weddings, BBQs or stage 14 of the Tour de France, the ICO will take on a new role under the Re-use of Public Sector Information Regulations 2015, which come into force on Saturday.

The Regulations require public sector bodies to make information available for re-use, putting the revised European Directive on re-use of public sector information on a legislative footing, and supporting the Government’s commitment to open data. Continue reading

Posted in Steve Wood | Tagged , , | Leave a comment

The Supreme Court’s judgment on Prince Charles’ letters – seven questions and answers

By Graham Smith, Deputy Commissioner and Director of Freedom of Information.

Update, 13 May 2015: The Cabinet Office has now published Prince of Wales correspondence with government departments on its website.

LetterThe Supreme Court today issued its ruling in a 10 year battle to get letters written by Prince Charles to ministers released to the public under the Freedom of Information Act. So how did these freedom of information requests end up before the highest court in the land? And what will the decision mean in practice? Continue reading

Posted in Graham Smith | Tagged , , , , , | Leave a comment

The questions (and answers) you need to know about tougher laws on nuisance calls

By Christopher Graham, Information Commissioner


At the ICO’s data protection practitioner’s conference this week we’ve been celebrating the success of our long campaign to change the law on nuisance calls and spam texts. Last week the government announced that it is changing the law to make it easier for us to fine companies that break the rules.

At the moment, the ICO has to prove a company has caused ‘substantial damage or substantial distress’ by making their nuisance calls. That’s not easy for us to do, no matter how many people have had their day disturbed by someone offering to sell them solar panels or promising compensation ‘for that accident you had’. The change in the law, coming into effect on 6 April, will mean we just have to prove that the company was committing a serious breach of the regulations.

Continue reading

Posted in Christopher Graham | Tagged , , , , , | 4 Comments

How data protection helps – supporting someone with dementia

By Judith Jones, Group Manager.

blog-alzheimersAlzheimer’s Society research shows that 850,000 people in the UK will have a form of dementia by 2015 and in less than ten years a million people will be living with dementia.

Today’s launch of a new publication by the charity ‘Accessing and sharing information: acting on behalf of a person with dementia’ will touch millions of people and is a prime example of the ICO working alongside partner agencies to help people understand their rights and security around personal data. Continue reading

Posted in Judith Jones | Tagged , , , , , | 2 Comments

Three years on… …and still waiting for reform

By David Smith, Deputy Commissioner and Director of Data Protection.

blog-watchAs the candles were blown out on the third birthday of the European Commission’s proposal for a new data protection regulation for Europe, there were plenty of people asking how close we were to seeing any of the much-needed changes to UK law.

The short answer is not that close. Progress has been made, but the negotiations in Brussels are not even in the home straight, let alone close to the finishing line. Continue reading

Posted in David Smith | Tagged , , , , , , , , , , | 5 Comments