February 5, 2023

Volume XIII, Number 36

Error message

  • Warning: Undefined variable $settings in include_once() (line 135 of /var/www/html/docroot/sites/default/settings.php).
  • Warning: Trying to access array offset on value of type null in include_once() (line 135 of /var/www/html/docroot/sites/default/settings.php).

February 03, 2023

Subscribe to Latest Legal News and Analysis

February 02, 2023

Subscribe to Latest Legal News and Analysis

The UK ICO and Ofcom to Work Together on Online Safety and Data Protection

On November 25, 2022, the UK Information Commissioner’s Office (“ICO”) and the UK’s communications regulator, Ofcom, issued a joint statement setting out how they intend to work together to “ensure coherence between the data protection and the new online safety regimes.” The regulators noted that the statement is primarily intended for online service providers that are likely to be regulated under the online safety regime, but it also will be of interest to other stakeholders as an indication of their joint direction.

According to the statement, in anticipation of Ofcom taking on new duties in 2023 under the Online Safety Bill, the ambitions of the partnership are twofold:

  1. The regulators want users of online services to have confidence that their safety and privacy will be upheld and that the regulators will take prompt and effective action when providers fail in their obligations.

  2. The regulators want providers of online services of all sizes to comply with their obligations and to continue to innovate and grow, supported by regulatory clarity and free from undue burden.

To achieve this, the ICO and Ofcom will work closely together to achieve maximum alignment and consistency between the data protection and online safety regimes. They will:

  • Maximize coherence by:

    • ensuring their policies are consistent with each other’s regulatory requirements and consult closely when preparing codes and guidance. Ofcom will prepare codes of practice and guidance for online services on compliance with the online safety regime and will consult with the ICO, among others, in preparation of these. The ICO will also prepare guidance on data protection expectations for online services deploying safety technologies (e.g., age assurance, content moderation) and will consult Ofcom and others on its preparation;

    • seeking solutions that enhance users’ safety and preserve their privacy; and

    • providing clarity on how compliance can be achieved with both regimes where there are tensions between privacy and safety objectives.

  • Promote compliance by setting clear expectations for industry on what must be done to meet both the online safety and data protection requirements. This includes particular support through the transition for small and emerging companies to help them thrive and grow. The regulators will take action against services that do not meet the obligations, sharing information and intelligence, as appropriate, and coordinating approaches to enforcement.

According to the statement, the ICO and Ofcom will reaffirm their cooperation through a renewed memorandum of understanding which will be updated next year in light of Ofcom’s new responsibilities under the Online Safety Bill.

Copyright © 2023, Hunton Andrews Kurth LLP. All Rights Reserved.National Law Review, Volume XII, Number 332

About this Author

In today’s digital economy, companies face unprecedented challenges in managing privacy and cybersecurity risks associated with the collection, use and disclosure of personal information about their customers and employees. The complex framework of global legal requirements impacting the collection, use and disclosure of personal information makes it imperative that modern businesses have a sophisticated understanding of the issues if they want to effectively compete in today’s economy.

Hunton Andrews Kurth LLP’s privacy and cybersecurity practice helps companies manage data and...

212 309 1223 direct