ICO launches data protection law consultation

People will have eight weeks to comment on the ICO’s draft Regulatory Action Policy, which gives direction and focus to the organisations it regulates. The policy has been updated to include enhanced powers set out in the Data Protection Bill currently going through Parliament. 

Proposed new powers include no-notice inspections, compelling people and organisations to hand over information and making it a criminal offence to destroy, falsify or conceal evidence.

The Policy also covers all 11 pieces of legislation that the ICO is responsible for including the Freedom of Information Act and the Privacy and Electronic Communications Regulations which covers nuisance calls, texts and emails.

It reinforces the ICO’s commitment to a proportionate and risk-based approach to enforcement. ICO deputy commissioner James Dipple-Johnstone said: “Our approach is designed to protect people’s information but also ensure that business is able to function and innovate in the digital age.

“We’ll target our most significant powers on repeated, wilful or serious failures to take proper steps to protect personal data and deliver information rights. Our formal regulatory action will serve as an important deterrent where it needs to.”

The consultation closes on 28 June. The revised Policy will be subject to Parliamentary consideration and final approval.