Reset the ICO
Data protection rights only work if they’re enforced, that’s why we need an effective regulator.
The problem with the ICO
Your data reveals who you are, what you like, where you live and more. That’s why so many companies, government bodies and criminals want access to it.
Whether it’s to stop profiteering, tracking or fraud, data protection is the answer. But we need a strong regulator who will make sure the law is followed.
The Information Commissioner’s Office (ICO) has a poor track record of issuing weak reprimands instead of fines and acting as a critical friend to government. In 2024, the ICO took “regulatory action” in just one case out of the 25,582 complaints lodged with them. This can’t go on.
We need to fundamentally reform and strengthen the regulator, so that it protects the public not the powerful.
.
Demands for an inquiry into the ICO
70+ organisations and experts demand action.
.
Report: Lessons from the pandemic
The ICO’s failures in protecting data rights in the UK.
ALternative ICO ANNUAL report
Read ORG’s evaluation of the ICO’s activities and our recommendations.
Find out moreFive steps to an effective regulator
Be accountable
Give people the right to appeal.
Put the public first
Make the ICO’s primary responsibility to enforce the law and to investigate and remedy infringements.
Be independent
Make sure the ICO is protected from government interference.
End corruption
Stop the revolving door between the regulator and Big Tech.
Let public interest organisations represent the public
Groups like ORG should be able to bring challenges.
.
Why the ICO needs an overhaul
The ICO has consistently failed to protect our data privacy and uphold our rights.