ICO Consultation: Views Sought on Dealing with DP ‘Concerns’

December 18, 2013

The ICO is reviewing its approach dealing with the complaints and concerns the public raise under the Data Protection Act 1998.

Director of Operations at the ICO, Simon Entwistle, blogged as follows:

As a responsible regulator we must make sure our limited resources are used in ways which add the most value. This means continuously challenging ourselves to find new efficiencies in our working practices and making sure we only investigate public concerns where to do so has a clear regulatory benefit, with more people benefiting, more of the time.

This consultation is aimed at the organisations we regulate. However, we also welcome views from the public and other interested parties more generally.

We are particularly seeking responses to the following questions.

1)   Will the way in which we are proposing to address complaints and engage with businesses have a significant impact on your business?

2)   If so what will this impact be? Will it be positive or negative for you?

3)   Are you able to quantify this likely increase or decrease in the burden of our activity on your business?

4)   If you expect the burden to be increased can you suggest how we might keep this increase to a minimum?

5)   If you expect the burden to be decreased can you suggest any steps we might take to decrease this burden even further?

6)   Do you agree with our proposal to publish the number of concerns raised with us about each organization? If not why not?’

You can access the consultation here. Responses should be provided by no later than 31 January 2014.

The ICO is also undertaking a review of its work in relation to information rights. Responses to the draft document setting out the ICO vision must be received by 7 February (see Looking ahead, Staying Ahead, published for consultation in November).

Laurence Eastham writes:

Am I the only person thinking that the ICO is desperate to hear from as many people as possible who think that it really should not be bothering its head about cookies? Perhaps I am reading too much into all this.

An approach which aims the consultation at the people the ICO regulates might, just possibly, gain a response that looks for less regulation. While I have no doubt that most responses will come from the regulated, the consultation should not be aimed at them.