Information Commissioner Speaks at Data Protection 2015

Christopher Graham, the Information Commissioner was the opening speaker at this year's DMA Data Protection summit and spoke about the impact to marketers and consumers of the ongoing data protection reform. There was a lot of information delivered - much of which has already been published on this website - but here is a summary of the key points made in his presentation and the following Q+A session.

Current problems

- Some companies pay nothing more than lip service to data protection, assuming that nobody will care.

- Enforcement is difficult when you have to prove "substantial damage or substantial distress"

- Changes happening in the UK now

- From 6th April, the ICO will no longer have to prove "substantial damage or substantial distress"

The government are also looking into providing the ICO with the power to hold board-level executives directly accountable. Together these changes will make it easier for the ICO to crack down on offending companies and act as a stronger deterrent

more details: https://www.gov.uk/government/news/government-cracks-down-on-nuisance-calling-companies

Discretionary or mandatory fines?

- There will be stronger enforcement required as part of the EU data reforms

- The ICO is pushing hard for a discretionary and proportionate approach, rather than mandatory fines.

- With the preferred discretionary approach, minor breaches and technicalities would not be the ICO's focus.

- Instead a crowd-sourced approach will be used to ensure that what consumers believe and experience will direct ICO enforcement

Trust

- Throughout the presentation the value of trust was repeated continually.

- The Information Commissioner argued that trust is a brand differentiator.

- That a brand which builds consumer trust will see more data shared with them and greater loyalty

- Information, choice and transparency for consumers will lead to greater success for brands

Start now

Even through there are still some room for details change before the EU regulations are finalised, we know much of what is coming. Additionally, changes are happening in the UK and internationally now. So start now. Current best practices will put you in a good place for changes. Then focus on how you prove consent.

Video Privacy policies

As part of follow-up presentations, the new trend in video privacy statements was highlighted as a simple and accessible way for consumers to understand data collection and usage. Take a look at these excellent examples from Channel4 and The Guardian.

...and a couple of quotes

During his presentation Christopher Graham displayed a great turn of phrase, here are just a couple of his quotes:

"The information commissioner is not just a traffic warden. We are in the enabling business, not denial business."

"Let me reserve the big stick in the cupboard for those that need a good spanking"