Coronavirus: ICO temporarily relaxes regulatory approach
Wednesday, April 15, 2020
The Information Commissioner’s Office (ICO) has made a number of temporary tweaks to its regulatory approach during the ongoing Covid-19 coronavirus pandemic, putting the emphasis on pragmatism and empathy, but said it will not shy away from protecting the information rights of UK citizens.
Ilia Kolochenko, founder and CEO of web security company ImmuniWeb, who also holds qualifications in legal studies, criminal justice and cyber crime investigation, said that transitioning to a flexible approach made sense by enabling organisations to focus on the practical implementation of data protection.
“On the other hand, the message is crystal-clear, no negligence or willful misconduct will be tolerated even amid the spiralling pandemic,” he said.
“Many security and data protection technologies successfully deployed in corporate offices are simply immovable to home devices for a variety of technical reasons. Moreover, usage of some of them may be unlawful on private mobile phones, for example, given that they may unduly intrude into personal privacy and private lives far beyond the extent reasonably requisite to ensure the protection of corporate data and intellectual property.
“Therefore, it would be disproportionately harsh and counterproductive to expect organisations to blindly follow the very same security processes for WFH [work from home] teams as they did in the office environment.
“Such requirements as data breach notifications are reportedly not, and shall not be, altered by this unprecedented crisis. Though, most of the requirements related to the notification period since the breach is detected, and under the circumstances, some breaches may take longer to get spotted.
“What I grasp in the ICO message is, however, a well-balanced approach that will fairly consider the integrity of circumstances for any formal or material violations of applicable law and regulations,” said Kolochenko. Read Full Article
The Security Ledger: Amid Security Concerns: to Zoom or not to Zoom?