ICO to launch web data-protection code

The Information Commissioner's Office plans to launch a public consultation about how businesses can build privacy technology into online web services, as it prepares to introduce a code of practice next year.

A code of practice is needed to help make sure privacy enhancement is built into innovative web technologies from the beginning, assistant information commissioner Jonathon Bamford said on Wednesday.

"Technology is being used in innovative ways to exploit personal information, but not always to protect it. Systems have lagged behind in data protection," said Bamford, addressing technologists at a data-protection conference in London. "It's better to build in rather than bolt on protection. How many of you have done that?"

Bamford said that the ICO would begin its consultation by December, with a view to publishing the code of practice by May next year. He told ZDNet UK on Wednesday that while the code of practice would not be legally binding, companies that followed the code would be complying with data-protection law, as the code would present the law's requirements in an easily digestible form.

"We want to drive up compliance, and rather than have companies wade through a load of legal gobbledegook, a code of practice will document good practice point-by-point," said Bamford. "We are concerned how websites obtain personal information, how it is used and who they give it to."