The battle won was described by Jonathan Bamford in an ICO blog. It involved the eventual success in prohibiting 'enforced subject access.' This describes the process of forcing job applicants to obtain and disclose, most usually, details of any criminal record held by the authorities. This habit, explained Bamford, "is not only a clear perversion of an individual’s own rights, with consequences like unwarranted loss of employment opportunities, it also undermined important public polices such as the rehabilitation of offenders."
The ICO had managed to get a relevant clause inserted into the Police Act 1997 to make the practice illegal; but parliament delayed implementing that particular clause. Finally, on Friday last week, the government announced that remaining elements of the Police Act would come into force on 14 March. Welcome news, said Bamford. "We will be working to ensure that those who are involved in this unsavoury practice are aware they will be committing criminal offences and we will be preparing ourselves ready to prosecute those who are involved in the practice."
The strongly worded report came in an opinion on the use of CCTVs to monitor for parking offenses. It is a slightly academic opinion since the Department for Transport has already indicated an intention to cease using cameras to enforce parking restrictions. What the ICO says very clearly, however, is that the current use of the cameras contravenes the Data Protection Act in several ways.
"The first principle [of the Data Protection Act]," notes the ICO, "requires that individuals are aware of who is obtaining their data and the purposes for which it will be used for at the time it is collected. Current parking signs and road signs warning of the use of cameras do not convey this type of information."
If cameras are to be used for this purpose, explains the Out-Law legal blog, "there must be a 'pressing need' for them and 'specific safeguards' around that use should be in place." It added, "The ICO said that it should be made mandatory for local authorities to conduct a privacy impact assessment before deciding to install CCTV cameras for parking enforcement. This would help improve 'transparency of decision making' and ensure there is a 'proper examination' of the need for the CCTV cameras."
The report that has resulted in most criticism – indeed, has been described as 'limp' – is the result of the ICO's investigation into dating websites. Details were also published Friday. The ICO had opened an investigation into dating sites some six months ago. "The issues highlighted," reported Decision Marketing yesterday, "included: poor visibility of the terms and conditions that give the website consent to use personal information in certain ways; T&Cs making reference to the dating company having ‘perpetual’ or ‘irrevocable’ licence to use members’ data; sites claiming to take no responsibility for the loss of or damage to personal information; and users being expected to provide personal details before the T&Cs are provided."
But, it said, "A six-month data watchdog investigation into the £2.5bn online dating industry – designed to crack down on shoddy practices – has been branded 'limp as a lettuce' after concluding consumers should read the terms and conditions more carefully." That is indeed, the ICO's conclusion: "The ICO is reminding consumers to read the terms and conditions on dating websites before signing up."
Yesterday, Christopher Graham was reappointed Information Commissioner for a further two years from 28 June. “I am delighted to have been asked to stay on as Commissioner at this key moment for information rights," he said. "I don’t underestimate the challenge of leading the ICO at this time. Like any public body we’re having to do more for less. But unlike any other public body that I know, it falls to the ICO to champion both the right to privacy and the right to know for citizens and consumers – here in the UK, in Europe, and internationally. It’s a big responsibility and the next phase certainly won’t be dull.”