ICO updates corporate plan for better data protection

The latest corporate plan from the ICO promises a fresh approach to handling public concerns about data protection

The latest corporate plan from the Information Commissioner’s Office (ICO) promises a fresh approach to handling public concerns about data protection.

The changes will see a shift in focus, with cases used to identify broader data protection problems and improve organisations’ current practices, the ICO said.

The approach was first proposed in the ICO’s Looking Ahead, Staying Ahead public consultation in November 2013.

The document also outlines plans for closer working with organisations such as trade bodies and other regulators to improve compliance, along with the development of privacy seals and trust marks.

“These changes are about getting better results, both for consumers and for data controllers,” said information commissioner Christopher Graham (pictured).

“That means learning from the individual cases and concerns brought to our attention, and concentrating on where we spot systematic problems.

ICO 2013-2017 corporate objectives

1. Organisations have a better understanding of their information rights obligations.

2. Enforcement powers are used proportionately to ensure improved information rights compliance.

3. Customers receive a proportionate, fair and efficient response to their information rights concerns.

4. Individuals are empowered to use their information rights.

5. The ICO is alert and responsive to changes which impact on information rights.

6. An efficient ICO well prepared for the future.

“There’s a focus, too, on working with others, both in encouraging compliance and in developing privacy seals, so that the ICO is not seen as the first and last defence for compliance with legislation,” he said.

The corporate plan details the strategic outcomes the ICO is seeking and how the ICO intends to achieve these over the next three years to 2017. It is reviewed annually, with public consultation.

“In this update of our three-year forward plan we’re looking ahead to stay ahead, addressing the challenges that face us so that we can remain an efficient and effective regulator,” said Graham.

“In response to changing circumstances we’re changing the way we do things in some areas of activity to make sure that we continue to make a difference,” he said.

The plan sets out how the ICO intends to:

  • Provide help and guidance to organisations and individuals.
  • Equip people to assert their information rights and to look after their personal information.
  • Be an effective but proportionate enforcer of information rights legislation.
  • Strike the right balance between openness and privacy, data protection and innovation.
  • Keep abreast of developments in technology, business and government to be able to give expert advice at the earliest stage.


Read more on Privacy and data protection