UK Watchdog Consults on Changes for Handling Data Protection Complaints
The U.K. Information Commissioner's Office has an ever-increasing workload that's affecting its ability to respond quickly to data protection complaints, it said Tuesday in a consultation on draft changes to its complaints-handling process. Comments are due Oct. 31.
Sign up for a free preview to unlock the rest of this article
Privacy Daily provides accurate coverage of newsworthy developments in data protection legislation, regulation, litigation, and enforcement for privacy professionals responsible for ensuring effective organizational data privacy compliance.
The ICO noted that it received nearly 40,000 complaints in 2023-24 and 42,800 in 2024-25. If that trend continues, the figure could increase to 45,000-55,000, it said.
The proposed framework outlines the watchdog's process for assessing how much to investigate a particular complaint, allowing it to focus on cases that have the most impact and can improve data protection compliance.
The office also proposed reporting mechanisms that would allow it to monitor complaint volumes across specific organizations and sectors, identifying trends that might benefit from other kinds of regulatory action.
The Data (Use and Access) Act requires organizations to establish a complaints process for data-protection-related issues, the office said. Once that provision goes into effect, "we would expect that more complaints will be resolved by organisations without the involvement of the ICO."
When people complain to the ICO, it said, "we want to provide the most effective service given the finite resources we have."