The Information Commissioner’s Office (ICO) is an independent public authority which is the United Kingdoms (UK) data protection regulator. Its task is to uphold information rights for the UK public. It enforces the Data Protection Act and has responsibility for the Freedom of Information Act 2000, Privacy and Electronic Communications (EC Directive) Regulations 2003, and the Environmental Information Regulations 2004.
The ICO has the following responsibilities:
- Ensuring organisations handle data legally.
- They handle complaints about the use of data.
- They maintain the register of data controllers.
- They investigate and prosecute in relation to the misuse of data.
- They uphold the rights under the Freedom of Information Act.
The General Data Protection Regulation (GDPR) was incorporated into UK domestic law with the Data Protection Act 2018. Article 51 of the GDPR requires each Member State to appoint a supervisory authority. Section 115 of the Data Protection Act 2018 appoints the ICO as the UK’s supervisory authority.