Share

4 min read

Writen by Zlatko Delev

Posted on: May 13, 2021

The Information Commissioner’s Office (ICO)

The ICO is the UK’s independent authority set up to uphold information rights in the public interest, promoting openness by public bodies and data privacy for individuals.

The ICO is responsible for:

  • Promoting good practice in handling personal data and giving advice and guidance on data protection.
  • Ensure data controllers pay the appropriate data protection fee and provide and update basic information about their firm.
  • Helping to resolve disputes by deciding whether it is likely or unlikely that an organisation has complied with the GDPR when processing personal data.
  • Taking action to enforce compliance with GDPR, where appropriate.
  • Bringing prosecutions for offences committed under GDPR (except in Scotland, where the Procurator Fiscal brings prosecutions).

Under GDPR data controllers must pay the ICO a data protection fee unless they are exempt. The new data protection fee replaces the requirement to ‘notify’ or (register) under the DPA. Since all firms hold responsibilities under GDPR, the ICO requires less information than was required under the DPA.

Data controllers must provide:

  • The name and address of the controller
  • The number of members of staff the firm has
  • The turnover for the financial year
  • Any other trading names the firm has
  • Contact details for the person completing the fee registration process and the Data Protection Officer (if the firm is required to have a member of staff with that particular designation under GDPR).

Actions

The ICO issues monetary penalties of up to £500,000 to those who have broken the Data Protection Act 1998 or breached the terms of the Privacy and Electronic Communications Regulations (PECR). Serious breaches will be met with direct action and failure to comply with the law might lead to enforcement action.

The ICO serves assessment notices to organisations that aren’t willing to work harmoniously with the ICO and are at risk of breaching the Data Protection Act. The office is also responsible for appeals made under the Environmental Information Regulations 2004.

International responsibilities

As well as carrying out duties in the UK, the ICO also co-operates with international data protection authorities, including the European Commission. This co-operation involves:

  • Sharing information
  • Investigation of complaints
  • Working alongside partners to improve understanding of data protection laws and provide guidance where necessary

In the EU, the ICO works across all areas, including police and judicial co-operation, justice and freedom, and security. The ICO is part of the Article 29 Working Party, which represents each of the 28 EU data protection authorities, as well as Iceland, Liechtenstein and Norway.

How does the ICO support the GDPR?

The European Parliament, Council and European Commission’s aim for the General Data Protection Regulation is to unify data protection, making it more robust and secure for people within the European Union.

Elizabeth Denham, UK Information Commissioner, acknowledges that many people still question how GDPR will fit in with the UK leaving the EU. But she stresses that it’s still important to comply with GDPR. The ICO will work alongside the government to remain central in conversations about UK data protection law in the future and provide advice where necessary.

Contact Us

Hope you find this useful. If you need an EU Rep, have any GDPR questions, or have received a SAR or Regulator request and need help then please contact us anytime. We are always happy to help...
GDPR Local team.

Contact Us

Recent blogs

Exciting news: Consultancy Panel is Live now

Hi all,

Hope that you are having a wonderful week. We would like to give you some exci

Data Protection Reforms in UK

This year in May, the United Kingdom Government announced the intention to introduce a reform b

What are the Leading Causes for Individual GDPR Fines?

At least 65 private individuals have received fines for GDPR violations in the EU since 2018. Th

Get Your Account Now

Setup in just a few minutes. Enter your company details and choose the services you need.

Create Account

Get In Touch

Not sure which option to choose? Call, email, chat to us
anytime.

Contact Us
06 GDPR INFO

Stay Up-To-Date

Leave your details here and we’ll send you updates and information on all aspects of GDPR and EU Representative. We won’t bombard you with emails and you will be able to tell us to stop anytime.