Last Month, The U.K. Commissioner for Public Appointments posted an advertisement for a new Information Commissioner. Current Commissioner Elizabeth Denham announced previously that she was leaving her post in October, having overseen the UK’s transition to new data protection laws.
Whoever is hired will be stepping into quite a sizable pair of shoes. Data protection complaints doubled in 2018/19, from around 21,000 to over 40,000 complaints. There were slightly fewer complaints in 2019/20, but the number is still far higher than before the implementation of GDPR. This is not necessarily a bad thing; the rise in numbers is partially due to more stringent rules, but it has also come from increased public awareness around data protection. Individuals are learning to be a bit savvier about their data, and they’re learning where to go when they feel their data is being misused.
Awareness is important in current times, as we are producing personal data almost all the time. All our time on electronics, our use of smart technology, and even the signing of a humble visitor book. It all creates data. In 2025, we’re due to hit a total of 175 zettabytes of data in the global datasphere. A single zettabyte is around a trillion gigabytes. Not all of that is personal data, but the numbers are still rather overwhelming to think about. Increasing amounts of data, and increased pressure on the Information Commissioner’s Office (ICO), must make the job of Information Commissioner rather daunting to apply for.
What is an Information Commissioner?
The information commissioner is the head of the ICO. For the most part, they act as the public head of the body, and lead the organisation through its strategic development. The Information Commissioner looks at the big picture, while those employed by the ICO manage the day-to-day duties of the office.
In the government’s advertisement for the role, they describe some of the duties of the ICO:
- Give advice to members of the public about their information rights;
- Give guidance to organisations about their obligations with respect to information rights;
- Help and advise businesses on how to comply with data protection laws;
- Gather and deal with concerns raised by members of the public;
- Supports the responsible use of data;
- Take action to improve the information rights practices of organisations; and
- Co-operate with international partners, including other data protection authorities.
To a Data Protection Officer (DPO), this role description might sound familiar. Most Data Protection Officers work within a smaller remit, and unfortunately there’s rarely an opportunity for an international visit. However, many of the same principles apply. Data Protection Officers need a good memory and a keen eye for relevant legislation. In schools and colleges, they also need strong problem-solving skills. In an environment with a lot of personal data, and quite a few wildcards, a DPO needs to be prepared for a brand-new scenario every day. Taking a piece of legislation (written largely for businesses) and translating it into practical solutions for the education sector can take some talent. Maybe the public appointments office needs to have a look round schools for their next candidate.
