Thursday 7 March 2013

Manchester: the ICO does it again

An enormous crowd appeared on Tuesday to attend this ICO’s Data Protection Officer Conference in Manchester. Despite increasing capacity by over 60% this year, the venue simply wasn’t large enough to accommodate everyone who had wanted to attend. It shows how important all this privacy stuff has become. 

I should report that almost everyone was on their best behaviour. The exhibitor’s stands were much appreciated – perhaps because the focus was on the many facets of the ICO, and the organisations that were not “commercial” in nature, but existed to share best practice and offer forums where similarly affected souls could work out how to deal with data protection issues at the coalface, as it were.

Francoise Le Bail, Director General for Justice at the European Commission was present and on fine form. Evidently, if there is a low level of trust in a country, then consumers won’t be as economically active on-line than if there were higher levels of trust. Given the fact that the UK has one of the highest internet penetration rates of any EU Member State, I can only assume that the UK enjoys a relatively high level of trust. But, I was too polite to put that point to the keynote speaker.  

Deputy Commissioner David Smith made a very telling point when commenting on the latest proposals to harmonise EU privacy laws. As far as he was concerned, what was most important was that there should be greater consistency around Europe, as opposed to harmonisation. The law should be consistent with regard to national cultural sensitivities. So, if the German’s didn’t like Google’s Streetview service, then that was fine – so long as the Brits, who evidently liked it, could continue to have it. I am greatly simplifying David’s views, and I do apologise for this, but you get the gist. 

Turning to those who misbehaved.  

I’m not referring to those audience members who, during the Question Time session, applauded me when I asked if the ICO would prefer a power, rather than imposing civil monetary penalties on public authorities (and thus return public funds to the Treasury), instead to require the offending authorities to spend money on data protection awareness campaigns and other initiatives that would enhance local standards.   

Actually, I’m referring to 63 delegates who, by not informing the ICO that actually they wouldn’t be attending, denied a further 63 potential delegates from sharing such a great occasion. But, the ICO does know who they are – so this happy bunch can expect to have their 2014 conference applications rejected, and for the ICO’s enforcement team to “invite” them to apply for a voluntary data protection audit later this year.

As the Chairman of a not-for profit professional conference organisation (the Data Protection Forum), I feel the ICO’s pain when it tries to anticipate delegate numbers and ends up wasting money (on catering costs, etc) when those who have said they will attend ultimately don’t. Or when it has to turn people away when there was space after all.

But that’s a minor quibble. The ICO’s team put on a great event and I can’t wait to learn what surprises are in store for those who are lucky enough to attend next year. A cabaret from the ICO’s chorus singing data protection ditties? Information Commissioner Christopher Graham, Britain's "go to" regulator, appearing on stage in a rickshaw pedalled by the European Data Protection Supervisor?  Or a presentation beamed live from a UK prison featuring someone who has been jailed for committing a data protection offence? 

Pencil the date in your diaries now. 

(Hopefully) looking forward to seeing you at the next ICO’s Data Protection Officer Conference in Manchester on Tuesday 11 March 2014.  

Question Time session - (at 7mins 22 secs)