Privacy & Information Security Law Blog

As we reported on October 8, 2013, the Information Commissioner’s Office (“ICO”) has announced it is reviewing its Privacy Notices Code of Practice (the “Code”) to assess whether it should be updated. In anticipation of the November 30^th closing date for comments on the Code, today the ICO’s Head of Policy Delivery posted a request for feedback on the ICO’s blog.

The Code was published in 2009 and was highly commended at the 2010 Nominet Internet Awards. The ICO considers that it provides “good practice advice,” but that rapid technological developments in the past four years, in particular the widespread adoption of smartphones, makes now the right time to review the current Code.

In his blog post, Steve Wood, Head of Policy Delivery, emphasized that “privacy notices are a vital means of informing people about how their personal data is being processed and letting them know about their rights under the Data Protection Act 1998 (DPA). Providing a privacy notice is also the most obvious way for organisations to meet their obligations under the Act to provide fair processing information.”

The ICO is seeking feedback both on the Code, and also its privacy notices checklist for small business. In particular, the ICO is interested in examples of good and bad practices. The ICO, which is keen to “get the balance right between clear, general guidance and making sure the guidance works for new technologies,” welcomes all comments.

Comments on the Code should be sent to the ICO by November 30, 2013 by email to: richard.sisson@ico.org.uk.