We hope you enjoy discovering more about our work,
wide range of career opportunities and the exciting future
we could offer you.

About ICO

About Information Commissioner's Office

Who we are and what we do

The ICO is a statutory regulator independent of government, set up to uphold the information rights of UK people.

We are responsible for 11 pieces of legislation in total, although we are most associated with ensuring individuals’ data privacy through the GDPR and Data Protection Act. We also promote openness in public bodies through the Freedom of Information Act and tackle the blight of nuisance calls through the Privacy and Electronic Communications Regulations.

We educate, advise and raise awareness of information rights on a national and global level. Where necessary we invoke our powers to take enforcement action against organisations that consistently, deliberately or negligently fail to comply with the law.

Our Head Office is based near Manchester in Wilmslow, Cheshire. And we have regional bases in Edinburgh, Cardiff and Belfast as well as an office in London.

Our mission

Our Information Rights Strategic Plan sets out the Commissioner’s mission for her term of office.

You can read the full plan here but, in short:

  • It commits us protecting the public in a digital world.
  • It commits us to leading implementation and effective oversight of the GDPR and other data protection reforms like the e-privacy Regulation and Law Enforcement Directive.
  • It commits us to exploring innovative and technologically agile ways of protecting privacy. Read more in our Technology Strategy.
  • It commits us to strengthening transparency and accountability and promoting good information governance.
  • It commits us to maintaining and developing our influence within the global information rights regulatory community. You can read our International Strategy here.
  • And it commits us to providing a world class reporting, assessment and investigation service to ensure UK citizens are protected from harm caused by cyber attacks.
What we do

You can read about the legislation we regulate here.

The GDPR is the centrepiece of a package of EU data protection reforms and brings a 21st century approach to data protection legislation. It provides greater protections for the public and enhanced obligations for organisations.

We have provided a range of resources to help organisations comply including a Guide to the GDPR and bespoke tools for small organisations and specific sectors such as health, schools and local government.

The Commissioner and ICO colleagues regularly write blogs and make speeches about issues relating to privacy, transparency and information rights.

The Information Commissioner

Elizabeth Denham was appointed UK Information Commissioner in July 2016, having previously held the position of Information and Privacy Commissioner for British Columbia, Canada and Assistant Privacy Commissioner of Canada.

In 2018, she was named as the most influential person in data-driven business in the DataIQ 100 list.

She was awarded a CBE in the December 2018 Queen’s New Year’s Honours list.

You can read more about her background, achievements and aspirations here. You’ll also find links to speeches she has delivered and blogs she has written.

Elizabeth heads up the ICO’s management board.

Taking action

We prefer education, engagement and encouragement over enforcement. But we have a range of tools at our disposal to change the behaviour of organisations and individuals that do not comply with the law.

Under the GDPR, we will have the power to fine up to £17million or 4 per cent of an organisation’s global turnover, whichever is greater.

Recent action taken over nuisance calls can be found here.

Recent action taken over data protection breaches can be found here.

Information about other types of action including criminal prosecutions can be found here.

We are developing a new Regulatory Action Policy which will be formally presented at our annual conference for Data Protection Practitioners on 9 April.

Media and communications

As our remit and impact grows, so does our reliance on first class media and communications relationships and management.

Our staff and our work regularly feature in news and current affairs items on television, radio, print media and on-line. We have a professional communications department, including a 24/7 Press Office service, to field queries and ensure that the ICO is on the front foot when news stories break.

We rely on excellent and accessible communications to engage with the public through our website and newsletters, and are building our reputation as a regulator of renown and impact.

You can read our press releases here.

We have 80,000 followers on Twitter, 55,000 on LinkedIn and 8,000 on Facebook. Our monthly e-newsletter is received by 150,000 subscribers. Don’t link to the newsletters we aren’t putting them out at the moment

About ICO