UK government and Information Commissioner’s Office sign agreement to firm-up data protection
The UK government has signed a memorandum of understanding (MOU) with the Information Commissioner’s Office (ICO), setting standards and expectations for the protection of citizen data.
The ICO is the independent regulatory body responsible for national data protection and reports directly to parliament.
The MOU consists of 17 commitments and aligns with the government’s plan to use technology to digitally transform public services. According to the agreement , the parties are expected to work towards a shared vision to ensure citizens see “real benefits in sharing their data” and that public trust is preserved.
According to the document, the ICO will support government’s ambition to “create a modern digital government and drive economic growth”. It warned however that this would rely on the public having “confidence that their data is being used safely, for the public good and within the law”.
Innovation 2026 – register now
Co-hosted by the UK Government, UK Civil Service and the Cabinet Office, Innovation is a unique exhibition and conference that brings together government leaders from across the globe responsible for the transformation and acceleration of their public sector organisations and services.
2026’s exciting content line-up includes riveting panel discussions, exclusive roundtables and an innovative exhibition floor, and reflects the areas that governments around the world are prioritising – and where they are working to drive transformation.
Find out more about the agenda and register to attend here
The ICO has agreed to produce “timely and relevant guidance, codes of practice, advice notes, opinions, and audits that support the government and the public sector to use people’s data safely”. It also said it would be “transparent” with the public on holding organisations to account for any future breaches and would “share insights [with government] on any trends and potential risks that the ICO has seen in its work”.
Among the government’s commitments is a pledge to release an “annual assurance statement” on how people’s data is being kept safe and how “new and proposed technologies and processes have been designed with trust and privacy in mind”.
Read more: UK reforms data rules to improve public sector sharing
The government also pledged to prioritise public trust in its handling of personal data by “investing the appropriate resources and time needed to continue to create a culture of high standards and compliance”. Ministers and senior officials will be among those expected to take a lead on strengthening a culture of data security.
This will entail creating what the MOU describes as a “a cross-government culture of continuous learning around improving information security”, including “gathering intelligence and learning lessons from personal data breaches and ‘near misses’”.
In addition, the government has committed to informing “civil servants of the real-world consequences of inadvertent personal data breaches by developing and delivering ongoing and engaging communication campaigns”.
The MOU was signed on 9 January, but the intention to formalise an agreement was first announced in October last year by information commissioner John Edwards.
Edwards said then that the agreement would ensure that government’s plans to use new technologies to transform public services would be carried out “with the appropriate safeguards in place”.
Read more: Brazilian pilot explores letting citizens control – and sell – their personal data
Government publishes cyber action plan
Meanwhile, the government is taking additional steps to make online public services more secure and resilient.
On 6 January it published the Government Cyber Action Plan, which sets out how it plans to strengthen cyber defences and digital resilience across departments and the wider public sector. It is backed by £210m (US$155m).
Aims include achieving a “clearer visibility of risks”, “strongercentral action on the toughest challenges”, and “reacting quickly to fast-moving cyber threats and vulnerabilities”.
Ian Murray, the minister of state for the Department for Science, Innovation and Technology, said in the foreword to the plan: “Hostile states and criminal groups are actively probing our defences, seeking to disrupt our way of life and undermine our national interest.We must be clear eyed about what is at stake.”
The plan outlines how government will take what it called “proactive, risk-led action with clear accountability, mandatory requirements, and comprehensive central support” to strengthen public sector infrastructure.
Steered by a new agency, the Government Cyber Unit, the plan correlates with the UK government’s work to digitise public services so that “phone queues and paperwork” no longer obstruct citizens’ access to support.
The government envisages that this digitisation could unlock up to £45bn [US$60.6bn] in productivity savings.
Read more: On the defensive: strengthening government cybersecurity in a changing landscape
About Jack Aldane
Jack is a British journalist, cartoonist and podcaster. He graduated from Heythrop College London in 2009 with a BA in philosophy, before living and working in China for three years as a freelance reporter. After training in financial journalism at City University from 2013 to 2014, Jack worked at Bloomberg and Thomson Reuters before moving into editing magazines on global trade and development finance. Shortly after editing opinion writing for UnHerd, he joined the independent think tank ResPublica, where he led a media campaign to change the health and safety requirements around asbestos in UK public buildings. As host and producer of The Booking Club podcast – a conversation series featuring prominent authors and commentators at their favourite restaurants – Jack continues to engage today’s most distinguished thinkers on the biggest problems pertaining to ideology and power in the 21st century. He joined Global Government Forum as its Senior Staff Writer and Community Co-ordinator in 2021.
Related Posts
