10 years of Data Protection Day – 10 years of ICO annual reports
Information Commissioner Christopher Graham writes:
“Why is European Data Protection Day celebrated on 28 January? A good question for a pub quiz, perhaps. The answer is that the Council of Europe’s Convention 108 on the protection of personal information was open for signature on 28 January 1981.
“The Convention was the starting point for the European Directive on which the Data Protection Act is based. European Data Protection Day (celebrated as Privacy Day outside Europe) was inaugurated in 2007. So this 28 January we are marking the 10th birthday of the first birthday party of the Convention 108 – itself 35 years old. Got it?
“Ten years provides a perspective for looking back at how the ICO has been doing data protection and growing its effectiveness. Here are key quotes from the forewords of the last ten annual reports, reminding us of how far we’ve come in upholding information rights.”
Previous Information Commissioner Richard Thomas:
2005/06
“Never before has the threat of intrusion to people’s privacy been such a risk. It is no wonder that the public now ranks protecting personal information as the third most important social concern.”
Data protection and Freedom of Information are two sides of the same coin and in 2005 the FOI Act came into force.
“The first year of Freedom of Information has been simultaneously successful and difficult. The new law signals major constitutional, cultural and practical change.”
2006/07
“We have started a national debate about surveillance issues and this has inspired two select committee inquiries.”
2007/08
“At last our work is valued as highly relevant, topical and centre-stage – providing constructive guidance, taking tough action where necessary, setting national agendas and stimulating difficult and serious debate.”
2008/2009
“Freedom of information, a somewhat fragile flower for most of its lifetime with a few vocal friends in Westminster and Whitehall, is now a permanent fixture and a core part of the fabric of public life.”
And, on data protection:
“The exposure and closure of the secret construction industry database was universally praised. The illegal trade in personal data appears to have diminished. We have worked hard to get data protection taken more seriously.”
Christopher Graham:
2009/10
“The challenge is to balance the expectation of transparency in official organisations while preserving personal privacy…as more and more issues are brought to the Commissioner for a decision, the challenge to the ICO can only grow.”
2010/2011
“Armed with the power to impose civil monetary penalties for the most serious data protection breaches and following a more clearly articulated enforcement strategy… the ICO has been seen to be a robust regulator.”
2011/12
“The Right to Privacy and the Right to Know are of increasing practical concern to consumers and citizens. At the same time, government and business, assisted by technology, are forever pushing the boundaries of the possible and the permissible.”
2012/13
“Our enforcement actions against the generators of spam texts and nuisance phone calls was aided by an easy to use reporting tool on the ICO website which gathered more than 155,000 consumer tip offs over the year.”
2013/14
After the Edward Snowden revelations about state surveillance:
“Effective information rights regulation on the ICO model will be vital in rebuilding necessary public confidence, both in digital services, whether commercial or public sector, and in transparent and accountable government.”
2014/15
Government removal of ICO’s requirement to prove substantial damage or distress before we could issue a fine:
“The enhanced powers granted to the ICO represent a vote of confidence in the organisation’s policing of data protection. …The change in the law will help us to nail more of these merchants of menace.”
