Speaking at The European Information Security Summit in London, Stephen Eckersley, director of investigations at the Information Commissioner’s Office, outlined the privacy watchdog’s expectations for 2020 and beyond with particular focus on regulations and data protection.
“We are still coming to terms with our new [regulatory] powers,” Eckersley said, “and we are still learning how to apply them – there are a lot of them.”
The ICO expects to face increased expectations from the public, industry, other regulators, law enforcement agencies and governments with regards to being an effective and relevant regulator, he added.
The ICO is the lead supervisory authority on a number of current GDPR-related investigations, Eckersley explained, and will soon be submitting those cases to various EU counterparts, whilst the ICO will also be involved in post-Brexit negotiations relating to data protection.
“That will include the arrangements under cooperation and coordination – it’s too early to say what those arrangements are going to look like – however, from our perspective, securing arrangements that are very similar to the current ones under GDPR would be advantageous for the UK.”
In terms of the volume of data breach reports it receives, the ICO does not expect to see a significant rise over this year and next year, Eckersley said, but the issue of privacy rights surrounding emerging technology will prove a significant challenge.
Lastly, the main challenge for the ICO will be “helping UK citizens stay safe, because personal data, as a commodity, is increasing in value. Organized crime groups are moving into cybercrime, as are state actors, because they recognize that personal data is of value and they can hold organizations to ransom.