Next Information Commissioner will correct ‘imbalance’ favouring privacy rights

The government will seek a successor to Elizabeth Denham who can focus not just on data protection but on innovation

The ICO webpage displayed on a smartphone display

The government will ask the successor to the UK’s chief data regulator to redress an imbalance that has created a perception that our data protection regime errs too far in favour of privacy rights and against innovation.

Ministers within the Department for Digital, Culture, Media and Sport (DCMS) feel the overall regulatory approach must be ‘rebalanced’ in order to give businesses more freedom to innovate. The perfect opportunity to do so will be when the incumbent Information Commissioner, Elizabeth Denham, steps down in October 2021 after five years in the post, according to DCMS' deputy director for data strategy implementation and evidence, Phil Earl.

The secretary of state for DCMS, Oliver Dowden, will ask the next Information Commissioner to focus not just on enforcing privacy rights, but to determine how data can be better utilised in the UK. The aim will be to give businesses the confidence to innovate with data without fear of falling foul of the rules - which Earl describes as a culture of fear.

“People may have seen we’re recruiting for a new Information Commissioner,” Earl said, addressing a Westminster eForum virtual event. “And that person will be asked by the secretary of state to not just focus on privacy but to be really thinking about how they are helping to unlock the value of data again.

“I think the secretary of state would like the new Information Commissioner to not necessarily rewrite the privacy rules,” he continued. “It’s not about throwing everything out now we've left the EU; it’s about maintaining those high standards but trying to rebalance the overall approach.”

He added that much of the challenge has centred on businesses struggling to understand the rules that exist, with the current data protection regime lacking in clarity and consistent guidance. This has created uncertainty which can suppress innovation. 

“We’ve seen a lot through the consultation that it’s people’s fear of doing it wrong, people’s uncertainty about what the right thing is to do, and that tends to create a risk-averse culture where you don’t do anything," he continued. “That’s the thing that we’ve got to get around.

"We’ve got to have a space where people feel more confident that they’re doing the right thing in sharing and using data, but also making sure that the right safeguards are in place and that it’s done in the right way.”

Whether there was a trade-off between creating the conditions for innovation, and sufficient enforcement, was also the subject of much discussion, with speakers offering a variety of perspectives. One characterisation offered by various commentators including Earl was that the trade-off was more of a myth and that adequate protections and the conditions for greater innovation must come hand-in-hand. 

The National Audit Office’s (NAO) digital director Yvonne Gallagher, however, suggested that the true barriers to the better use of data aren’t so much related to “risk aversion” as they are to infrastructure and hardware limitations, among other material reasons. 

She highlighted that one of the key issues is the presence of legacy systems across various parts of the public sector, many of which are up to 30 years old. There are also no centralised protocols in place that relates to how to handle data that’s handled by multiple government departments, including how to keep it secure as well as up-to-date.

Also disagreeing with Earl's opinion was a lecturer in digital rights and regulation with UCL, Dr Michael Veale. While those within the government may feel there’s an imbalance against innovation, Dr Veale suggested the opposite is true and this imbalance is already too far against enforcement. 

“The ICO has very rarely used any of its powers, indeed in cases such as Ad-Tech where it’s found illegality on multiple fronts,” he said. “This really does question - and has been questioned now in many parliaments now around the world - as to whether the British data regulator is effective and fit for purpose in light of actually regulating. 

“The advert for the recent Commissioner will not assuage these concerns, given its focus on a role for the Commissioner in promoting innovation and a role for actually enforcing data rights is very, very low on the list of qualities sought in such a Commissioner.”

Featured Resources

Choosing a collaboration platform

Eight questions every IT leader should ask

Download now

Performance benchmark: PostgreSQL/ MongoDB

Helping developers choose a database

Download now

Customer service vs. customer experience

Three-step guide to modern customer experience

Download now

Taking a proactive approach to cyber security

A complete guide to penetration testing

Download now

Recommended

1Password targets enterprise customers with Secrets Automation
IT infrastructure

1Password targets enterprise customers with Secrets Automation

14 Apr 2021
The definitive guide to IT security
Whitepaper

The definitive guide to IT security

9 Apr 2021
Ubiquiti insider says the company downplayed the severity of a major breach
data breaches

Ubiquiti insider says the company downplayed the severity of a major breach

31 Mar 2021
Forex broker FBS leaves millions of customer records exposed
data breaches

Forex broker FBS leaves millions of customer records exposed

25 Mar 2021

Most Popular

Microsoft is submerging servers in boiling liquid to prevent Teams outages
data centres

Microsoft is submerging servers in boiling liquid to prevent Teams outages

7 Apr 2021
How to find RAM speed, size and type
Laptops

How to find RAM speed, size and type

8 Apr 2021
UK exploring plans to launch its own digital currency
digital currency

UK exploring plans to launch its own digital currency

19 Apr 2021