Protect people from predatory marketing calls is going to be one of the main targets of the UK data protection regulator under a new plan.
The Office of the Information Commissioner (ICO) will further examine how algorithms are used in employee benefits systems and the impact of the use of AI in recruitment on minority groups.
Information Commissioner John Edwards set out the regulator’s priorities under the ICO25 plan, which includes a set of measures to help businesses save at least £100m over the next three years.
Speaking on the subject, he said: “My office will focus our resources where we see data protection issues disproportionately affect already vulnerable or disadvantaged groups.
The new measures will be part of the ICO25 plan (PA)
“The impact we can have on people’s lives is the measure of our success. This is what modern data protection looks like, and this is what modern regulation looks like. »
To help businesses save money and improve compliance, Mr Edwards said the ICO publish internal training material on data protection and freedom of information, as well as create a database of advice the ICO has previously provided businesses and the public which could be consulted by anyone seeking advice on data protection.
Commissionerwho took office at the start of the year, told the PA news agency that instead of scattering the regulator and its resources, a more focused approach meant it could “be more selective and try to apply our resources and our regulatory tools so that they have the greatest impact for the greatest number of people”.
Information commissioner wants more targeted approach to ICO’s work (AP)
Unveiling the plan, Mr Edwards said: “It is absolutely clear to me that in a world of increasing demand and decreasing resources, we simply cannot continue to do what we have been doing and expect this to happen. that the system improves.”
At the same time, the ICO25 plan will see the regulator take a revised approach to public sector fines, with the first priority being to improve data protection standards in public sector organizations when a breach occurs.