I was recently lucky enough to have a day in Manchester at the ICO’s Data Protection Practitioner’s Conference. This was my first time at an ICO conference and it proved to be an intriguing day.

It was surprising to hear the keynote speaker Marc Rotenberg, President and Executive Director of EPIC (Electronic Privacy Information Centre), discussing the ongoing work his organisation is undertaking to ensure the rights of citizens are protected.

EPIC are a stateside research organisation. You can read more about their work on their website, so I won’t repeat it here. But I was delighted to know that the ICO are working alongside them. In particular, EPIC’s work in defending citizens against mass surveillance is fascinating.

It makes perfect sense that ICO would align themselves with an organisation like EPIC, but strange that there doesn’t appear to be an equivalent ICO regulator stateside. However, there are suggestions that the US Federal Trade Commission is planning to fine Facebook a large sum.

Next up was Margot James, Minister of State for the Department of Digital, Culture, Media and Sports. It was gratifying to know the government is supportive of the work the ICO are undertaking. But embarrassingly her department was recently responsible for an email data breach. So it goes to prove no-one is immune!

Other topics of the day included protecting children online, Brexit, ICO’s grants programme, and the ethics of data protection. Various breakout sessions were available. I had chosen to focus on Data Protection Impact Assessments. The session was light touch but intriguing.

An array of stalls were available at the conference. Some stalls were more commercial than others. The ICO had a heavy presence and I took the opportunity to ask their incident breach team some questions about their views on health sector compliance.

Act Now training were present, with whom I have gained certification in the past, so I discussed with them the feasibility of discounts for returning students! They took this in good spirits and it was a pleasure to meet them face to face after all these years having only had discussions online and by phone with them in the past.

Various consultancy and outsourcing firms were available. It was interesting to hear the views of delegates who came from legal professions on the topic of outsourcing. I detected some friction between solicitors and consultants. The contention seemed to be that outsourcing firms were too far removed from their client’s environments and did not always have the legal expertise or relevant experience to advise effectively. I suspect this goes the other way too on occasion!

Other stalls included a data protection themed board game which could be used for training sessions and a data flow management software solution

The other delegates I met during the course of the day came from a vast array of work environments and locations. I met delegates from universities, social services, legal firms, and community support. Delegates came from many different places, some as far as other countries to be there.

You can see more about the conference day here:


Author: Maxwell Allen
Maxwell is an experienced Data Protection Officer who has worked within the health sector for over 20 years.