- Justice Committee shows green light to Christopher Graham to become the new Information Commissioner
- ICO consults on Privacy Notices Code of Practice
- Consultation on new British Standard for data protection
- Coroners and Justice Bill to Public Bill Committee
1. Justice Committee shows green light to Christopher Graham to become the new Information Commissioner
Advertising Standards Authority executive director Christopher Graham is now set to become the next Information Commissioner, following approval by House of Commons’s Justice Committee on 9 February.
At a pre-appointment hearing at the Justice Committee on 27 January, Graham was asked about his overall approach on data protection and issuing data. Graham said: “First of all, that the organisation should be well led and well managed, that it should be effective and efficient. I think that is the sine qua non, it is the licence to practice. The Information Commissioner has got to demonstrate that he is delivering a service across the responsibilities of data protection and Freedom of Information and so on, that we can tackle the backlog of delays on the Freedom of Information side, for example, and win the respect of all stakeholders, which I think then gives the Information Commissioner the platform on which to contribute to public policy debates around data protection and Freedom of Information and so on.
I would emphasise very much the importance of the education and information side with the enforcement and the sanctions as the big stick in the cupboard. It is important that everyone knows it is there and will be got out only if necessary. There is the huge task of education and helping people to comply, which has always been my approach with the Advertising Standards Authority.
I am not particularly interested in waiting around the corner saying, "Aha, we've got you," but that is necessary from time to time. It is much more important to put the resources in to making sure that public authorities and commercial organisations decide what their responsibilities are and they get on with it, but they have got to believe that if they get things wrong the Information Commissioner will be effective and will be prompt and, in addition to the reputational damage which necessarily arises from getting things wrong, there will be sanctions visited upon miscreants.
And finally, my approach would very much be the need to convince the authorities and stakeholders in general of the absolute independence and integrity of the Information Commissioner. I think we achieve that by being absolutely evidence based, cool, calm, determined to defend decisions that are being properly arrived at, praised when necessary, but the first thing to do is to win the respect of all those who are interested in this area by manifestly running an effective operation at a time of great challenge and great change.”
Graham was pressed to say whether he could accept the role without knowing that adequate resources were available. Graham said he had not had those discussions as yet.
The Justice Committee Chair, Sir Alan Beith stressed that it was crucial that the Information Commissioner’s Office remained separate from Government.
"The Justice Committee has repeatedly argued that the Information Commissioner should be made directly responsible to and funded by Parliament to protect the independence of the role, rather than being sponsored by the Ministry of Justice as at present, but Government has rejected this recommendation," the Committee says in its report.
Justice Committee’s report ‘The work of the Information Commissioner: appointment of a new Commissioner’ can be accessed at http://www.parliament.uk/justicecom
Graham’s uncorrected evidence can be seen at http://www.publications.parliament.uk/pa/cm200809/cmselect/cmjust/uc146-ii/uc14602.htm
2. ICO consults on Privacy Notices Code of Practice
The Information Commissioner's Office (ICO) has published a draft Privacy Notices Code of Practice, and is currently consulting on the content.
The ICO is of the view that often privacy policies are far too complex and contain too much legal jargon. The Code of Practice will help organisations to draft clear privacy notices and make sure that they collect information about people fairly and transparently. The Code contains good and bad examples that organisations will be able to use to help draw up their own privacy notices.
Deadline for comments is 3 April 2009. Please use a response form for submitting comments, available at www.ico.gov.uk
Read more about the ICO’s views and expectations on this issue in the April edition of PL&B UK.
3. Consultation on new British Standard for data protection
BSI British Standards invites comments on its draft standard that will help compliance and develop best practice in data protection. The draft standard introduces the idea of a Personal Information Management System (PIMS) that provides an infrastructure for maintaining and improving compliance. PIMS would set objectives for the management of personal information, and require organisations to publish a management policy that includes all elements of DP principles, and identifies individuals who have responsibility for the PIMS.
The draft is available for comment until 31 March 2009 at www.bsigroup.com/drafts (requires registration).
4. Coroners and Justice Bill to Public Bill Committee
The Coroners and Justice Bill, which aims to introduce new powers for the ICO and facilitate data sharing, had its second reading on 26 January. The Bill is now at the Public Bill Committee which will complete its work on or before 5 March.
For further details on the Privacy Laws & Business UK Newsletter, please click here.
Copyright Privacy Laws & Business 2009