ICO and Ofcom strengthen partnership on online safety and data protection

At the end of November 2022, the Information Commissioners Office (ICO) and The Office of Communications (Ofcom) issued a statement setting out their plans to work together ‘to ensure coherence between the data protection and the new online safety regimes’.

Ofcom’s role in online safety and personal data protection will increase with the new Online Safety Bill due to become law in 2023. This will introduce new rules for websites and apps, including social media, search engines, messaging platforms, as well as other services that people use to share content online.

The ICO and Ofcom have worked together for some time in areas of shared interest. We looked at one of them recently when discussing Age Assurance.

In 2020 the two organisations jointly set up the Digital Regulation Cooperation Forum (DRCF). The Competition and Markets Authority (CMA) and Financial Conduct Authority (FCA) joined them in 2021 with the aim of ensuring a greater level of cooperation, given the unique challenges posed by regulation of online platforms.

Working cooperatively means that the main regulatory bodies can develop a clear plan to support small businesses and online service providers. This will minimise duplication and streamline regulatory processes, while taking account of where their regulatory aims and duties may differ.

There are two ambitions that the ICO and Ofcom have for the Online Safety Bill, as set out in their recent statement:

  • To give users of online services confidence that their safety and privacy will be upheld, and that prompt and effective action will be taken when providers fail in their obligations;
  • To help providers of online services of all sizes to comply with their obligations and to support their ability to continue innovating and grow, supported by regulatory clarity and free from undue burden.

Priorities of the Online Safety Bill and the DRCF include:

  • Building shared technical and analytical skills and capabilities;
  • Clarifying the links between data protection and online safety;
  • Collectively building a more comprehensive view of industry trends and new innovations in digital technology to understand shared implications for regulation.

The aim of the DRCF particularly is to prevent duplication and misalignment of regulation and ensuring a coherent approach that allows the ambitions set out above to be realised.

The conclusion of the joint statement says: “Ofcom and the ICO share common principles and overall aims when it comes to protecting people online. We will work together to maximise coherence between our regimes and promote compliance. This will give organisations the certainty they need to invest. innovate and grow, whilst providing a safe and privacy-respecting online experience for users.”

The Online Safety Bill is still at its committee stage as we write this. This means that changes can and will be made to it before it becomes law.

CSRB’s mission is simple. To be clear and open about personal data protection. What you need, why you need it and what you are legally required to do.

We will be keeping abreast of the latest changes in the Online Safety Bill and other changes in regulations as they are announced and will be able to offer our clients clear jargon free explanations of what is expected of them.

Please get in touch with us here or call 0117 325 0830 to learn more about how we can bring transparency to your information governance framework.