Skip to: main navigation | main content | sitemap | accessibility page


Building sandcastles with the ICO

The UK’s data protection regulator, the Information Commissioner’s Office (ICO), is calling for evidence and views on creating what it calls a “regulatory sandbox”.

Adopting a similar approach to the Financial Conduct Authority, the ICO’s Technology Strategy for 2018-2021 explains that the sandbox will “enable organisations to develop innovative digital products and services, whilst engaging with the [ICO], ensuring that appropriate protections and safeguards are in place”.

If the ICO adopts the FCA’s approach, eligible organisations from national companies to start-ups would apply to be part of a cohort that would agree a testing protocol with the ICO and receive informal guidance on how to bake compliance with data protection obligations into their product development processes. While the ICO would not exempt participants from complying with data protection law, the risk of action being taken would be mitigated by leveraging the benefit of the ICO’s expertise.

The deadline for submitting evidence and views is 12 October 2018.

The contents of this article are intended for general information purposes only and shall not be deemed to be, or constitute legal advice. We cannot accept responsibility for any loss as a result of acts or omissions taken in respect of this article.

Categories: GDPR | Commercial | For Business | Digital Media & Technology

Meet The Author


Taxonomy Selection


To find out how we can help you or your business, get in touch.

Give us a call:

0117 906 9400

  • This field is for validation purposes and should be left unchanged.