Denham: "GDPR is already being outpaced by new tech"

DataIQ News

Information Commissioner Elizabeth Denham is demanding even stronger powers to investigate data breaches after warning that GDPR is already "being outpaced by technological advances in data analytics".

Speaking at the IAPP Europe Data Protection Intensive 2018, Denham said that the recent Cambridge Analytica (CA) scandal demonstrated the need for a more "streamlined" approach to investigations, and powers that allow the ICO to act far sooner than it has been able to.

Under GDPR, Denham said she will be able to "look behind the curtain" and see who holds personal data and how they use it but she wants the ICO to be able to act on this information much quicker.

In the height of the CA row, the ICO had to wait nearly a week to gain a warrant to inspect the company's servers. This led to the chair of the Culture, Media & Sport Select Committee Damian Collins calling for the ICO to have the power to search data companies and seize their files without a court warrant.

Denham said the ICO was working with the Government to negotiate the introduction of such powers under the UK Data Protection Bill which will put GDPR on the UK statute book. She said the regulator would also be making changes internally to help improve its effectiveness.

However, while Denham made it clear that the ICO wants to respect companies' rights, it needs a warrant process with a "lower threshold".

"We need the regime to reflect the reality that data crimes are real crimes," Denham said. "As society moves increasingly online, data protection law needs to have the comprehensive reach people would expect of laws in the physical world. My aim is to prevent harm, and to place support and compliance at the heart of our regulatory action." However, she added: "Voluntary compliance is the preferred route."