The ICO have recently published their Annual Report for 2019/2020. In these abnormal times, digital evolution has accelerated at a ‘dizzying speed’ over the past few months, comments Elizabeth Denham, Information Commissioner. Over the past few months, more than ever, digital services have become a vital part of how we work, entertain ourselves and communicate with friends and family, so protecting ourselves and our data is more important than ever.
It seems that people are now more aware of their data protection rights and this is reflected in the fact that the ICO received 38,514 data protection complaints from March 2019 – March 2020. This figure is slightly lower than the previous year’s figure (at 41,661), however the ICO report that they resolved a record 39,860 cases this past year and that the volumes of enquiries from both organisations and members of the public, have remained high.
In response to breaches, the ICO have also taken regulatory action in 236 instances throughout the 2019-2020 period.
The ICO also report how they are shifting towards working with data controllers, in order to prevent errors occurring in the first place. In around half of cases that the ICO looked at in 2019, they found that there was more the data controller could have done to either improve their information rights practices, or better explain how they are complying with their obligations.
One main focus of the ICO’s latest report, is their Age-Appropriate Design Code. The Code aims to provide better online protection for children by setting out 15 standards, which explain how GDPR applies to children who are using online services.
Since 1 in 5 internet users are children, the ICO recognise that online services need to be developed and adapted with the best interests of children in mind. Once implemented, it will mean that children/parents will not have to amend their privacy settings, in order to be fully protected. Other requirements include preventing ‘nudge techniques’ which encourage children to provide unnecessary personal data.
The Code has just come into force on 2 September 2020 and we are now in a 12 month transition period, to allow online services time to conform. The ICO have provided guidance as to who is protected by The Code and how best to implement it.