- Security TWENTY
- Women in Security
The Information Commissioner’s Office (ICO) has opened the beta phase of its Sandbox. That’s a new service designed to support users of personal data to develop products and services of demonstrable public benefit.
The beta phase of the Sandbox, now open to applications, will enable users to work through how they use personal data in their projects with the ICO’s specialist staff to help ensure they meet data protection rules. The ICO adds that the Sandbox will also provide some comfort from enforcement action and, where feasible, public reassurance that products and services are not in breach of data protection law.
The Sandbox beta phase offers a free, professional service for about ten organisations, of varying types and sizes, across sectors. The ICO will consider applications from start-ups, SMEs and large organisations, whether private, public or voluntary sector.
The ICO will assess applications on the basis of whether the product or service being developed is innovative and can provide a potential demonstrable benefit to the public. Public benefit will be determined in terms of both breadth – the amount of people benefitting – and depth – the extent to which they benefit.
The ICO expects that many of the products that will come into the Sandbox may be operating in particularly challenging areas of data protection where there is genuine uncertainty about what compliance looks like. As a result, Sandbox participants may become use-cases from which the ICO anticipates change and develops public guidance on compliance.
Simon McDougall, Executive Director for Technology and Innovation at the ICO, said: “Thousands of organisations are working on projects using personal data to transform the way we live and work. We want to support this innovation whilst helping ensure that the products and services under development are compliant and deliver benefits to the public.
“Our Sandbox will provide the environment that organisations need to test new concepts and technologies. The lessons we learn together may identify more fundamental questions with broader implications for data protection, and could ultimately inform the development of new guidance or codes of conduct in particular sectors to pave the way for further innovation.”
Successful organisations will receive an on-site visit from a Sandbox team member, who will then work with them on a bespoke Sandbox plan. Organisations will exit the Sandbox by September 2020 when the beta phase is planned to finish.