BLIGHTY'S privacy commission has responded to EU criticism by issuing written guidelines for organisations and a consumer guide.
After the EU said that the UK needs to improve the enforcement of its privacy laws, Information Commissioner Christopher Graham warned that outfits that flout privacy online risk a double whammy of enforcement action by the Information Commissioner's Office (ICO) and the loss of trust from customers.
In a speech on privacy protection, Graham warned businesses, charities and public bodies to be straight with consumers so that people know why their personal information is being collected, how it will be used and who else may end up seeing it.
He has just released a Personal Information Online Code of Practice, which he claims is the first of its kind.
Graham said that the benefits of the Internet age are clear - the chance to make more contacts, quicker transactions and greater convenience.
"But there are risks too. A record of our online activity can reveal our most personal interests. Get privacy right and you will retain the trust and confidence of your customers and users; mislead consumers or collect information you don't need and you are likely to diminish customer trust and face enforcement action from the ICO," he said.
Graham said that organisations that adhere to the good practice tips in the Code of Practice will help consumers make informed choices about whether they sign up for particular online services. Keeping out-of-date records or not holding personal information securely helps nobody and could result in enforcement action, he warned.
"Organisations must be transparent so that consumers can make online privacy choices and see how their information will be used. Individuals can take control by checking their privacy settings and being careful about the amount of personal details they post to social networking sites and elsewhere online," he added.
A guide for consumers is published alongside the Code of Practice giving advice on avoiding online scams, the importance of being cautious about who you are disclosing information to and using privacy settings effectively. µ
The ICO’s code of practice should definitely be welcomed; a lot of time, effort and consultation has gone into its drafting, to produce a good workable code that will help both public and private sectors to improve customer trust and confidence in their online activities.
Above all, transparency is key. Information sharing online can be a force for good, but it’s essential for the consumer to be told what’s being done and why. Sometimes organisations themselves aren’t aware when they’re sharing data, let alone whether they’re doing it legitimately or not. The code of practice aims to ease these pressures, outlining how organisations can increase transparency and compliance with the Data Protection Act.
There is an argument that says ‘If we shared less data we’d have less risk’ but the reality is that organisations need data, and will have to get it from somewhere, so let’s do it properly. The ICO’s code of practice is the first of its kind in the world - there is no one country that has set the example for others to follow so far. Organisations need to take note of the guidance given within the document. While following the code is not a legal requirement, applying its advice on good practice with online consumer interaction will help build consumer trust, brand reputation and limit the likelihood of regulator enforcement and fines.
Neil Matthews,
UK Privacy Officer
Acxiom
The ICO’s new code of practice can only be a good thing, but it’s essential for organisations to understand what this means and how to remain compliant. When the ICO recently introduced data breach fines, almost half (45%) of IT directors were not aware they had come into force and this can’t afford to happen again. Even more worrying is that of those who do know about the potential punishments, only 55% believe they will change their business practices as a result.
After a run of high-profile data losses in the press, consumers have got to be able to feel they can trust businesses and public organisations with their personal details. How many more cases of lost laptops and vulnerable data will we see before organisations realise they have to do more to reassure the public?
The ICO is absolutely right in publishing this code of practice, but it also needs to advise businesses on the range of security options available to protect data, particularly if it ends up in the wrong hands. It doesn’t have to be a case of just hoping it doesn’t happen; businesses need to be more aware of who and what is available to help them avoid data breach and the ICO can lead the way with this.
Dave Everitt
General manager of EMEA
Absolute Software