Steve Wood, Deputy Commissioner (Policy) at the Information Commissioner’s Office (ICO), spoke about the General Data Protection Regulation (GDPR) and about international co-operation in the data protection arena when he addressed the European Data Protection Days conference in Berlin in May 2019.

The Deputy Commissioner began by reflecting the changes in recent years by saying:

“The last few years have really seen a step change in the way that data protection is viewed – in the UK, across the EU and in many other parts of the world. It is no longer a compliance step that businesses think of to be completed at the end of a project but the incorporation of principles – accountability, transparency, fairness – that go to the heart of good business practice.”

Noting that May 2019 marked the first anniversary of GDPR, he went on to say:

“GDPR has built the foundation of high standards that have enabled data protection to become a mainstream consumer issue across the EU. Public awareness has never been higher, and more people than ever are exercising their rights. GDPR is influencing many laws around the world.”

Mr Wood then joined the long list of officials who, in recent times, have been forced to acknowledge that they do not know how Brexit will affect their organisation, largely because it is so uncertain what the UK’s wider relationship with the EU will be. On this subject, he commented:

“At some point our relationship with Europe and the way that we interact with our DP partners will change. We know that. What we don’t know yet is what precisely these changes will be.”

His next topic was the ever-increasing pace of technological change, where he described both the advantages of this rapid change, and the data protection issues it raises. Here, Mr Wood described how international co-operation between different national regulators would be vitally important, regardless of the form Brexit eventually takes. His comments on this subject were:

“Technology, media and creative industries are booming. Just last month, Bloomberg reported that the digital economy – or the ‘Flat White Economy’ – has become the UK’s largest economic sector. This demonstrates the opportunities that the digital world provides and these should be encouraged.

“But we also know the risks to personal data and privacy that the unregulated processing of personal data brings. This new economy disrupts notions of local laws and seeks a world where data has no borders. However, this does not mean a race to the bottom or that protections cannot be maintained across borders. This is why joining up our efforts is so important.”

In the closing section of his speech, Mr Wood warned UK firms that data protection regulations are tougher than ever, and that the UK public now expect much more from firms and other organisations when it comes to handling their personal data appropriately. On this subject, the Deputy Commissioner said:

“[GDPR] captures in law an onus on companies to understand the risks, and to mitigate those risks. It also reflects that people are increasingly demanding to be shown how their data is used and how it is being protected.

“Accountability requires a change of culture within organisations, and the bedding in of key governance systems and values. We know from our investigations and audits that this has not happened yet. We will therefore be doing more to ensure that this happens.”

The information shown in this article was correct at the time of publication. Articles are not routinely reviewed and as such are not updated. Please be aware the facts, circumstances or legal position may change after publication of the article