Denham warns data protection is not simply the lowest legal hurdle to clear
Information Commissioner Elizabeth Denham has urged organisations keen to exploit the availability of citizens' data that they have a responsibility to respect those citizens' privacy and not ignore it in the name of innovation to solve business problems.
Speaking at the launch of the DataIQ 100 2017, a ranking of the country's data specialists the Information Commissioner said that with 454 days to go to the introduction of the General Data Protection Regulation (GDPR) her office is running at 'race pace'.
Denham, who only started her five year term leading the ICO in July 2016, was rated third in the latest rankings. Looking ahead to her first full year as information commissioner, Denham warned of significant changes ahead with GDPR.
"We have business as usual but we have to get ready for massive change as a regulator. And you as businesses are looking at this too. For me, it's a lot like changing the tyre on a moving car. So we really have a lot to do," she said.
"For the next year, what you are going to hear a lot from me about trust and accountability. Trust and accountability and reputation as well as regulation. So you'll be hearing that from us. Our most recent survey found that 75% of UK adults don't trust businesses with their personal information. I found that stunning and shocking. So my commitment to the UK over the five years of my term is to increase trust that citizens and consumers have in organisations, like all of you in this room."
Denham pointed out that individuals 'data relationships' used to be simple. "The bank had your banking information. Your fridge had your shopping preferences. Your building society had your mortgage data. And now I feel that people look at the relationships, they look at the simple relationships that they used to have and they realise that they've become a lot more complex," she said.
"Your supermarket wants to sell you mobile phones. Your mobile phone wants to sell you a book. And your book choices tell online retailers a lot about your shopping preferences. So if you add to all of this, a security breach, you might understand why individuals feel that they have lost control over their personal data. And I think that what happens is those concerns mean that they are less willing in a digital economy to turn over their personal data."
Denham said she is going to be talking a lot about sound data governance. "And I think that's the way to silence the data demons that people fear. So, thinking about data protection as not just a legal hurdle, the lowest legal hurdle to clear, but instead thinking of data protection as a way of earning trust. And with that trust you gain the credit and you also gain the social licence to innovate with personal data.
"So I think by demonstrating your trustworthiness to consumers and to the regulator, then you get to do innovative and imaginative and cool things with people's data to solve new problems or old ones."
She continued, "Since I arrived in the UK seven months ago, I have been astonished, amazed and so pleased to talk to scores of organisations who believe both in the need to derive value from personal data but also a need to deeply respect the person behind the bits and bytes. My message to you is it's not privacy or innovation. It is privacy and innovation.
"The ICO is here to help. We are a regulator but we are in the education business and we have a lot of pragmatic and practical guidance on our website. A lot of this practical guidance is about the GDPR and I agree that what the GDPR is about is putting the consumer and the citizen at the centre of your decisions."