Takeaways from the Data Protection Practitioners’ Conference

On Monday, we saw the ICO’s 12th annual Data Protection Practitioners’ Conference

take place at the Manchester Central Conference Centre.

The day had a variety of events including a talk from President and Executive Director of EPIC (Electronic Privacy Information Centre), Marc Rotenberg, and panel sessions covering important topics, including what Brexit means for Data Protection.

Several interesting discussion points were raised throughout the day and I would like to

take the time to discuss with you the two that I found myself most fascinated by. First,

the ICO’s focus on the accountability principle of the GDPR, and second, the developing

area on Ethical Data Protection and AI profiling.

One: “Accountability encapsulates everything the GDPR is about.”

The Commissioner made the message on prioritising accountability clear in her opening

speech for the DPPC. The ICO will not be satisfied with organisations just complying

with the new regulations. The emphasis is instead on the ability to demonstrate you are


This strong message from Elizabeth Denham will likely be a welcome one to Data

Protection Professionals across the country, who may be battling to convince

organisations that the GDPR is not a one-time tick box, but a factor to consider

continually. The Commissioner’s reinforcement of this point should help cement Data

Protection’s integration into business culture. The progress we have made in the year

since GDPR came into force is a promising start but we must continue the trend in the

right direction.

Two: Technology, ethics and compliance – leave no room for loopholes.

I would like to congratulate Mikko Nava for winning the second ICO Data Practitioner of

the Year award. I thought his acceptance speech was genuine and gracious and his

thoughts on the industry being “the intersection between technology, ethics and

compliance,” was thought provoking in its own right. With data privacy incorporating so

many areas which are in the process of change and growth, the only way to ensure the

protection of data subjects is by reaching an equilibrium between technology

advancements, the ethics surrounding the tech, and the legislation which is already in


To reach this balance, forward-thinking ethical and legal discussion is required, that

would not afford future technologies loopholes in the law. We also need to improve the

understanding of these technologies, such as the growing use of Artificial Intelligence


It was a welcome sight to see the ICO taking steps towards striking this balance. Their

AI auditing framework blog, which helps demystify this area, is a useful starting point. I

will be putting out a few thoughts on this topic myself, over the coming months.

ico logo
Share on facebook
Share on twitter
Share on linkedin
Share on email