I attended the ICO annual report launch in London today and it was a good event. There was a different mix of sectors there which I’ve not experienced at other, more practitioner focussed conferences, including plenty of legal firms and private sector organisations.
The question and answer session following the presentation gave a level of interaction and immediacy that the 2012 video presentation obviously lacked. This allowed a dialogue with journalists regarding the CQC story, meaning the report was presented in the context of the latest issues (see the excellent Information Rights and Wrongs blog for a thoughtful DP perspective on CQC).
Every annual report is in some ways a spin or a narrative. Yet I still think the slides after slides of numbers gave a fairly rounded picture: the ICO is, like any other public sector organisation, struggling with funding cuts and juggling resources. The future is also far from certain. Proposed notification changes in the new DP regulation fundamentally challenge the ICO’s funding model and realistically questions the ICO’s future without some serious government support.
The ICO do sometimes get a bit of a battering from campaigners, particularly around FOI enforcement. But I think a bit of credit is due for the speed in turning complaints round, as volume increases and resources shrink, to timescales unrecognisable from those of 3-4 years ago. And this in a context of Freedom of Information getting around only a quarter of the funding that Data Protection gets.
I was a little disappointed in the dismissive statement that local authorities are making a 'pig's ear' of Data Protection. LAs are one of the soft targets against which the ICO can claim to talk tough around enforcement, whilst everyone knows more formidable Data Controllers lurk in the private sector that the ICO are either unwilling or unable to take on in a really effective way.
But overall a good event and a thumbs up for the ICO. Some interesting points that I scribbled down from the presentations:
- Guidance documents, which is a real ICO strength, were added or updated at the rate of around one a week in the last year
- Their own FOIA compliance is good 98% compliance from 1700 requests a year, which is a big number for an public authority of the ICO’s size
- As Chris Graham noted, the ICO is sometimes a convenient punch bag for politicians, ignoring ICO action or recommendations on the press and the construction blacklist until it suited them to do so
- Whilst I sometimes feel I exist in a fairly small world of FOI/DP ‘geeks’, the DP and PECR enforcement on cold calling / spam texting reaches a much wider world of consumers. 150,000 complaints about this area shows that the public is getting increasingly informed about how to act and who to ask
- 10-15% of the complaints regarding Cookies came from people hating the way that it has affected their web experience, which provoked a chuckle from those present