A blended approach to privacy notices

x Sponsored content on Research Live and in Impact magazine is editorially independent.
Find out more about advertising and sponsorship.

Privacy notices, often criticised for their excessive length and use of technical language and legalese, are a mandatory tool to ensure that personal data is processed fairly and lawfully. Their value lies not only in ensuring legal compliance with the data protection framework, but also in communicating a privacy-centric culture that embeds a respectful approach to individual rights and a commitment to data privacy. 

In its new publication, Privacy notices, transparency and control: A code of practice on communicating privacy information to individuals, the Information Commissioner’s Office (ICO) offers a revised, workable approach to privacy notices. It covers compliance with the current legal framework in the Data Protection Act 1998 (DPA) and the forthcoming General Data Protection Regulation (GDPR), which will be implemented in the UK in May 2018, despite Brexit.

The code includes advice on: what should be included in a privacy notice; where to deliver privacy information to individuals; when to actively communicate privacy information; ...