InfoPro32 Oct/Nov 2021

orderForm.title

orderForm.productCode

orderForm.description

orderForm.quantity

orderForm.itemPrice

orderForm.price

orderForm.totalPrice

orderForm.deliveryDetails.name

orderForm.deliveryDetails.accountNumber

orderForm.deliveryDetails.phone

orderForm.deliveryDetails.poNumber

orderForm.deliveryDetails.email

orderForm.deliveryDetails.companyName

orderForm.deliveryDetails.billingAddress

orderForm.deliveryDetails.deliveryAddress

orderForm.deliveryDetails.deliveryDetailsDeliveryAddressSameAsBillingAddress

orderForm.deliveryDetails.address1

orderForm.deliveryDetails.address2

orderForm.deliveryDetails.city

orderForm.deliveryDetails.state

orderForm.deliveryDetails.postCode

orderForm.deliveryDetails.country

orderForm.deliveryDetails.additionalInformation

orderForm.noItems

this to have the ICO as a mechanism to promote citizen’s data rights and data literacy.”

Conflict

Jess Pembroke, recently appointed Head of Data Protection at Naomi Korn Associates, said: “This Consultation very much puts the needs of business and economic growth at its heart. Data is a valuable commodity, so there can be conflict where the benefit for the business isn’t necessarily in the best interests of the data subjects. I feel very nervous about the proposal to remove the legal requirement to designate a Data Protection Officer (DPO). “The introduction of the General

Data Protection Regulation (GDPR) and specifically this requirement was the first time the role of a DPO has been recog- nised for its specialist knowledge and elevated to a senior enough level to make significant impact by helping navigate and implement the complex data pro- tection principles. This is fundamental for librarians and information specialists who have been tasked with the responsi- bility of being their organisation’s DPO. A DPO is also often tasked with giving an ethical as well as commercial steer. Without the need for a DPO being clearly defined in law, I fear the responsibilities

and subsequently the impact of a DPO could be diluted. These changes risk the DPO role losing its status to the detriment of data subjects and organisational legal compliance.”

High standards

The Information Commissioner’s Office published a response to the DCMS consul- tation and in its foreword, outgoing CEO Elizabeth Denham said she supported “the intention of the proposals to make innovation easier for organisations,” adding that “innovation is enabled, not threatened, by high data protection standards”. Despite leaning towards business, legal experts representing industry also say attempts to rebalance UK GDPR towards business innovation may be risky. But they don’t see the risk coming from undermining data security, but from inadvertently raising new barriers to trade. In a comment David Varney from law firm Burges Salmon criticised the existing regime as a ‘one-size-fits-all’ approach that particularly burdens smaller organisations, but he said “any significant movement away from the EU’s GDPR regime may imperil the UK’s adequacy decision and data flows with Europe, so any changes to the UK data protection regime will need to strike a balance...”

Claire Edwards, a Partner at law firm

Pinsent Mason, also praised the pro-busi- ness direction of the proposals but said: “Global businesses may find the UK’s move to a privacy management system of accountability of limited benefit given their need in parallel to continue to com- ply with the EU GDPR full accountability framework.”

Whether or not the voice of the informa- tion profession is heard by the government, the EU still provides a safety net – or barrier – and appears to be why New Zealand’s privacy commissioner, John Edwards, is the Government’s preferred choice as the UK’s new Information Commissioner. The Government said: “He will be able to help the UK achieve its aims of maintaining equivalence with the EU’s data standards, so personal data can continue to flow freely, while developing a new pro-growth approach to data law.” The proposals also include changes to the ICO’s constitution. In her foreword to the ICO’s response to the consulta- tion, Elizabeth Denham expressed some concern saying: “The current proposals for the Secretary of State to approve ICO guidance and to appoint the CEO do not sufficiently safeguard this independence. I urge Government to reconsider these proposals to ensure the independence of the regulator is preserved.” IP

October-November 2021

INFORMATION PROFESSIONAL 17

Page 1 | Page 2 | Page 3 | Page 4 | Page 5 | Page 6 | Page 7 | Page 8 | Page 9 | Page 10 | Page 11 | Page 12 | Page 13 | Page 14 | Page 15 | Page 16 | Page 17 | Page 18 | Page 19 | Page 20 | Page 21 | Page 22 | Page 23 | Page 24 | Page 25 | Page 26 | Page 27 | Page 28 | Page 29 | Page 30 | Page 31 | Page 32 | Page 33 | Page 34 | Page 35 | Page 36 | Page 37 | Page 38 | Page 39 | Page 40 | Page 41 | Page 42 | Page 43 | Page 44 | Page 45 | Page 46 | Page 47 | Page 48 | Page 49 | Page 50 | Page 51 | Page 52 | Page 53 | Page 54 | Page 55 | Page 56 | Page 57 | Page 58 | Page 59 | Page 60