Make data protection law work for everyone
Currently only citizens – who rarely have the expertise, ability or time – are able to initiate complaints when data law is broken. Privacy watchdogs like Open Rights Group don’t have the same freedom, stopping them from safeguarding the public.
In October 2020 we had a rare chance to make data protection law serve everyone better. The Department of Digital, Culture, Media & Sports (DCMS) held a public call for views on the powers for NGOs to independently bring forward complaints about data protection breaches and your voice can make all the difference.
Hundreds of ORG members and supporters spoke out for better data protection law by responding to the call for views. The consultation concluded on 22 October 2020 and we are now awaiting the Government’s response.
ORG’s position includes the following points:
- Data processing operations are deeply complex and systemic, like the problems with online advertising. Relying solely on individuals to identify problems is unrealistic. Privacy organisations have the expertise and knowledge to identify problems and protect individuals’ rights. They must be allowed to independently raise complaints to the ICO and complain to the court about controllers, processors or ICO failure.
- Some of the worst breaches of data protection law are attached to sensitive areas of our private lives, like tracking individual’s use of mental health websites. These areas need to be challenged but often are not because of their sensitivity. Giving organisations the power to bring complaints independently means these sensitivities will not prevent action from being taken to protect privacy.
- Consumer law allows for super-complaints from consumer organisations to take complaints about harm to consumers. By implementing Article 80(2), it would place data protection law on the same standards as consumer law.