We use cookies to make your experience of our website better. Some of these are set by third party Google Analytics to help us analyse website traffic. To comply with privacy regulations, we require your consent to set these cookies. If you continue to use the site without selecting an option we will assume you are happy for us to use cookies.

Notes From The ICO’s Data Protection Practitioner’s Conference

Notes From The ICO’s Data Protection Practitioner’s Conference

On Monday, I attended the Data Protection Practitioner’s Conference in Manchester, an annual event organised by the Information Commissioner’s Office. The event was a great chance to meet up with industry experts, to catch up on handling compliance in the area and to hear what’s ahead.

Talks included updates from the Information Commissioner, Christopher Graham, Simon Hughes MP and cyber security experts from the Department of Business, Innovation and Skills. There was a lot to take away from the event, but here are some of the headline points:

New Regulation – Not “if” but “when”

It was inevitable that there would be a lot of questions about the new Data Protection Regulation which has been subject to negotiation for over 3 years. The message from the ICO was that it will happen, hopefully towards the end of the year with a 2 year implementation period.  The government is aiming for, what Simon Hughes MP calls, a “sensible” regulation which is more balanced. The government is committed to reach an EU-wide agreement in 2015. Watch this space.

Safe Harbor – Still Safe

There has been a lot of news coverage following the Snowden revelations that the “Safe Harbor” method of transferring personal data between Europe and UK in a way which is compliant with EU data protection standards was not fit for purpose. The European Commission were unhappy that the US authorities were not monitoring the scheme effectively. The Deputy Information Commissioner, David Smith explained that the scheme is very likely to stick around but will be refined with greater monitoring and enforcement.

Fines and Nuisance Calls

Clearly there was a lot of discussion about the recent news that the ICO will have greater powers to fine companies engaged in unsolicited marketing communications (“nuisance calls”). From April, the ICO will not need to show that nuisance calls led to “substantial damage or distress” which is a pretty high threshold to meet. Yes, it’s frustrating when you’re about to bite into your dinner but it’s not really distressing.
Cyber Essentials

Cyber security was a pretty popular topic. The Department of Business, Innovation and Skills spoke about the “Cyber Essentials” scheme which is seen as benchmark for cyber security in businesses. It’s worth looking at particularly if you’re going to be issuing tenders or intending on tendering for work which makes use of any IT facilities.

If you have any comments or questions about any aspect of this blog or want further information, please get in touch.

Ross McKenzie