Recent ICO guidances and feedback requests on GDPR

Recently UK Information Commissioner Office (ICO) published several GDPR guidances and requests for public feedback.

Guidance on consent

In March ICO published draft guidance on consent under the EU GDPR. Guidance was opened for public feedback till March 31, and ICO now aims to publish this guidance in May 2017.

Our guidance on consent explains our recommended approach to compliance and what counts as valid consent. It provides practical help to decide when to rely on consent, and when to look at alternatives. It also explains the key differences with the DPA and gives advice about existing DPA consents.

Reed the feedback on ICO’s guidelines:

Feedback request on profiling and automated decision-making

In April ICO published its feedback request on profiling and automated decision-making. It represents ICO’s initial thoughts on certain aspects of profiling in the GDPR, however, ICO warns, it should not be interpreted as guidance. Responses will help to form ICO’s contribution to the WP29 guidelines that will be published later this year.

The discussion paper published today highlights the key areas of profiling we feel need further consideration. This includes subjects like marketing, the right to object and data minimisation – and we want your feedback. We’d like to hear the views of our stakeholders and get examples of best practice before 28 April 2017.

Call for Feedback on GDPR derogations

ICO has published its call for feedback on derogations under GDPR.

For all derogations, stakeholders are encouraged to submit their views through the online ‘Call for Views’, uploading research and/or data where relevant. This exercise is to capture views on if and how the government should implement the defined flexibilities permitted within the GDPR.

Consultation closes at midday on 10 May 2017.

Update on paper on big data

In March ICO published updated version of paper on big data, artificial intelligence and machine learning. This paper sets out the ICO’s views on issues and how they relate to the GDPR.

>