The UK’s new data protection tsar began his role this week at the start of what promises to be a momentous period of change for the Information Commissioner’s Office (ICO).
Former New Zealand privacy commissioner John Edwards will follow Elizabeth Denham into an increasingly important role as head of the UK’s privacy watchdog.
The ICO is the independent regulator for data protection and information rights laws, including the Data Protection Act 2018, the General Data Protection Regulation (GDPR), the Freedom of Information Act and the Privacy and Electronic Communications Regulations 2003, which govern nuisance marketing.
Edwards joins the ICO ahead of a promised government “overhaul,” which will see its governance model changed to mirror those of other regulators such as the Competition and Markets Authority (CMA), Financial Conduct Authority (FCA) and Ofcom. That means the creation of an independent board and chief executive position.
He will also oversee what could be significant reforms to the country’s data protection laws which some fear may cause it to diverge too far from the GDPR, imperiling cross-border data flows to the EU.
The government wants to make it easier to strike data adequacy partnerships with other non-EU countries worldwide and sees a new, more flexible regime as key to this – one “based on common sense, not box-ticking.”
Other significant jobs on Edwards’ to-do list will be the introduction of the controversial Online Safety Bill, which promises a much more substantial role for Ofcom in holding tech companies to account for the content disseminated over their platforms.
He will also be tasked with ensuring responsible use of health data in the fight against the COVID-19 pandemic and the simplification of data use by scientists and researchers to help drive innovation without infringing on privacy rights.
“Privacy is a right not a privilege. In a world where our personal data can drive everything from the healthcare we receive to the job opportunities we see, we all deserve to have our data treated with respect,” Edwards said in a statement.
“The ICO has an international reputation for forward thinking and clear assessment of the practicalities of the law, which I will continue to promote. I know too of the active data protection community in the UK – I look forward to hearing the experiences of businesses, the public sector, civil society and the privacy community.