Information Commissioner Elizabeth Denham has recently given some valuable insights into the Information Commissioner’s Office’s (ICO) General Data Protection Regulation (“GDPR”) strategy. Addressing the House of Lords EU Home Affairs Sub-Committee, she made clear that numerous pressures face the ICO as a result of the substantial workload created by the GDPR.
Commissioner Denham emphasised that the approach of the UK to data protection must be global. This goes beyond adjusting to the European landscape after Brexit. The ICO has been meeting with international data protection authorities in Asia, and has plans to meet the U.S. Federal Trade Commission during 2017. Denham stated that “data knows no borders”, making it important for countries to work together to achieve cohesive international data protection rights. The growing prevalence of data transfers within multinational companies makes international data regulation a key point of interest for data protection authorities.
Despite the ICO being one of the world’s largest regulators, the GDPR presents it with a number of challenges. The ICO’s plans for readiness include recruiting 200 additional staff within the next three years, and formulating a new funding model. The ICO has historically relied on the data controller registration fee to fund its work; however, the GDPR will remove this requirement, cutting off a vital revenue stream.
One of the ICO’s key roles is to educate controllers and the general public. The regulator will continue to develop and release new guidance in the run up to the GDPR coming into force, and will also provide valuable insights into the UK’s regime post-Brexit. Look out for our future posts for helpful summaries of ICO guidance.