The introduction of privacy seals by the Information Commissioner’s Office (ICO) has the potential to mark the beginning of a major shift in the regulatory landscape for data protection in the United Kingdom.
According to Tughan Thuraisingam, senior associate at PwC Legal – UK, the most interesting aspect of the scheme is that in order to be awarded the seal, businesses will be required to meet the assessment criteria set by third party operators endorsed by the ICO.
As it is anticipated that each third-party operator will focus on their own sector of expertise or area of compliance, it is also likely that the seal will be awarded for a specified period of time (after which renewal will be required) and may also be revoked if businesses fail to maintain the high data protection standards set.
“In an environment where concern for privacy is at an all-time high, businesses may have no choice but to keep up with their competitors and therefore maintain the high standards set by third party operators,” he said. “We used to say that ‘doing nothing is not an option’ when it comes to data protection compliance. In future, could doing ‘the minimum’ be perceived as a non-option too?”
FULL STORY