Eleanor Brooks

Photo of Eleanor Brooks

Latest Articles

The Centre for Data Ethics and Innovation (CDEI) is inviting submissions to help inform its review of online targeting and bias in algorithmic decision making. Online targeting Online targeting refers to providing individuals with relevant and engaging content, products, and services. Typically users experience targeting in the form of online advertising or personalised social media feeds. CDEI identified online targeting as a particular issue due to the complex and opaque flows of data that are…
Researchers at the Information Commissioner’s Office (ICO) have started a series of blogs discussing the ICO’s work in developing a framework for auditing artificial intelligence (AI). In the first blog of the series, the discussion revolves around the degree and quality of human review in AI systems, specifically, in what circumstances human involvement can be truly “meaningful” so as to create non-solely automated AI systems. Risks inherent in complex AI systems The ICO and European
The European Data Protection Board (EDPB) met for its ninth plenary session on 9 and 10 April 2019. The EDPB discussed a number of issues concerning the application of the General Data Protection Regulation 2016/679 (GDPR), outlined in the agenda. One of the key developments was the adoption of draft guidelines by the EDPB on the scope and application of GDPR Article 6(1)(b) which is largely known as ‘contractual necessity’ or ‘performance of a…
The Information Commissioner’s Office (ICO) recently published a summary report of its fact finding forum on data protection issues arising from advertising technology (adtech). Adtech is a term commonly used to refer to all technologies, software and services used for delivering and targeting online advertisements. The ICO compiled responses from over 2,300 participants in an online survey, and conducted fieldwork with more than a hundred stakeholders (publishers, advertisers, start-ups, adtech firms, lawyers and citizens). The…
On 12 March 2019, the European Parliament issued its first position on the text proposed by the European Commission for a Regulation of the European Parliament and of the Council on ENISA (the European Union Agency for Network and Information Security), also known as the EU Cybersecurity Act. Initiatives to build strong EU-wide cybersecurity The EU Cybersecurity Act was proposed in 2017 to: i) Provide a permanent mandate for ENISA (to replace its limited mandate…
In April 2018 the European Commission (Commission) published its Communication on the digital transformation of health and care in the Digital Single Market (Communication). The Commission outlined the need for reforms to health care systems and the development of innovative digital solutions. On 6 December 2018, the European Economic and Social Committee (EESC) published its opinion on the Communication (Opinion) in which it expressed its agreement with the vision set out by the Commission. Opinion…
The Joint Committee on Human Rights has launched an inquiry into the right to privacy under Article 8 of the European Convention on Human Rights (ECHR) and the “Digital Revolution”. The inquiry will examine whether further safeguards to regulate the collection, use, tracking, retention and disclosure of personal data by private companies are required to protect human rights in the new digital age. The key human right considered to be at risk is the right…
“2018 was the year that people have woken up to the importance of privacy and have begun to bite back at big tech”. This was the view expressed by James Dipple-Johnstone, Deputy Commissioner (Operations) at the UK Information Commissioner’s Officer (ICO), during his recent speech at the Institute of Directors in London. The speech focused on the ICO’s regulation of tech giants in the digital age. It highlighted the many benefits of big tech and…
Earlier this month, the Information Commissioner’s Office (ICO) published security guidance in its guide to the General Data Protection Regulation (GDPR). The guidance focuses specifically on encryption and passwords. It suggests points to be considered during implementation and offers some helpful “dos and don’ts”. Encryption Article 32 of the GDPR specifies encryption as an example of an appropriate technical and organisational measure. The guidance states four things that should be considered when implementing encryption: The…
The UK government launched its Smart Data Review on 28 September 2018 (Review). The Review will look at how technology, such as online comparison tools and open banking, can be used to make it easier for consumers to get good deals on essential services and put an end to consumers paying unjustifiable ‘loyalty penalties’ for staying with their service providers rather than switching. Background to the Review The government’s Modernising Consumer Markets green paper highlighted…