How will data protection reforms affect the Information Commissioner’s Role in 2022?

A smartphone shows the Information Commissioners Office website
Print this page Email a link to this page

The government is updating the current data protection framework, and the new Data Protection and Information Bill outlining the proposal was introduced on 18 July 2022.

The Bill has highlighted the critical role of the Information Commissioner’s Office in promoting compliance in a data-driven world.


Data Protection and Information Bill reforms data protection regime: Information Commissioner’s Role

Reforming the ICO’s agenda will invest in its success and sustain its reputation. The reforms seek to better equip the ICO as an agile regulator: ensuring strong leadership and governance and creating a risk-based and proactive approach to its regulatory activities.

The Data Protection and Information Bill will implement a new overarching objective to uphold data rights and encourage trustworthy and responsible personal data use. The ICO will be expected to cooperate and consult with other regulators and relevant bodies when fulfilling its growth, innovation and competition duties.


Annual Reporting

Under newly introduced accountability mechanisms, the ICO will report annually on its approach and performance, to include:

  • performance against strategy;
  • discharging functions in line with the new framework; and
  • approach to enforcement and use of powers.


With enforcement powers, the ICO will be given a power to commission technical reports to compel witnesses to attend and answer questions at interview; and to issue a penalty following a notice of intent within six months.

Finally, several statutory commitments will be created to enable the ICO’s role as a regulator.


Accountability for the ICO

The ICO will undertake impact assessments when developing codes of practice and complex guidance to increase its accountability. The ICO will be required to set up a panel of experts to ensure a full diversity of views are considered.

The government will introduce a process for the Secretary of State to approve the ICO codes of practice and statutory guidance as a final safeguard before the guidance is laid in Parliament.

If you have any queries about what these changes could mean for your business, please contact the Muckle Data-Protection team or Alex Craig.