Our approach
All our activities support the ICO’s mission: getting official information into the open (unless there are good reasons not to) and ensuring that personal information is properly protected. We aim to be a strategic regulator, making the best use of resources by taking selective action where we can make the biggest difference.
Compliance with the law is not a goal in itself. The benefits of freedom of information and data protection can - and should - be achieved without the ICO’s constant intervention. We encourage organisations to strive for good practice as a matter of self-interest and good business practice, and we aim to minimise the cost and complexity of compliance. We take a risk-based and targeted approach to enforcement, being tough on those who deliberately or persistently fail to deliver the benefits intended by the law.
As a strategic regulator we will often be at our most effective when influencing the behaviour of organisations to secure good practice. This plan gives measurable outcomes for our performance where this is possible and meaningful, although not everything can be quantifiably measured. We will however continue to develop ways of measuring our performance.
Our stance is to be influential, responsible and practical. We aim to make a difference: improving access to official information and the protection of personal information by influencing, challenging and enforcing. We want to encourage people to protect their rights and to demand that organisations fulfil their obligations and act responsibly.
The ICO’s priorities over the next three years are:
- Deciding freedom of information and environmental information cases efficiently in ways which inspire confidence and which promote a genuine open government culture;
- Strengthening public confidence in data protection by taking a practical, down-to-earth approach: simplifying and making it easier for the majority of organisations who seek to handle personal information well, and tougher for the minority who do not;
- Developing a dynamic and growing organisation, socially responsible and quick to respond, well-led, well-managed, effective, efficient and influential; in short an organisation of which we are all proud, delivering real benefits to society.
The long-term test of how well we are delivering this plan is to be able to demonstrate that:
- public sector culture has changed so that open government is widely seen as normal and natural;
and
- organisations collect and use personal information in proper and secure ways, routinely recognising and addressing privacy concerns and avoiding the dangers of a surveillance society.
Building on the international respect we have gained so far, we aim to be regarded as a world leader on both freedom of information and data protection issues.