ICO consults on privacy seal framework criteria
The ICO is inviting organisations to provide views on the framework criteria against which proposals for privacy seal schemes will be assessed. Proposals for a privacy seal scheme will be sought later this autumn and the ICO aims to have the seal in place in 2016.
The seal scheme will be regulated by the ICO but it proposes that it will not have any involvement in its day-to-day running. Seal operators should have a complaints process in place and refer any serious data breaches to the ICO. The ICO’s endorsement for seal proposal/s would be conditional on the scheme’s operator achieving official accreditation by the UK Accreditation Service (UKAS), and would be valid for a minimum of three years.
The seals should focus on a particular product, process or service, and be consumer facing. The ICO says that it reserves the right to endorse additional privacy seal schemes in different areas at any time, but would not expect to endorse schemes with significant overlaps in scope.