Header graphic for print
HL Chronicle of Data Protection Privacy & Information Security News & Trends
Posted in International/EU Privacy

UK ICO Requests Input for Guidance on GDPR Profiling Requirements

shutterstock_245812963 1The UK ICO has published what it describes as a feedback request on profiling and automated decision-making, with the intention that responses will “help inform the UK’s contribution to the WP29 guidelines due to be published later this year.”

Given the growing importance of profiling to most businesses,  companies should consider whether they wish to contribute their views, particularly on areas where they consider more guidance is needed on what GDPR’s requirements mean in practical terms. For example, the GDPR focuses on profiling that has a “legal” or “significant” effect, and the ICO discussion paper contains its “initial thoughts” on what might constitute significant effects, which includes “causing individuals to change their behaviour in a significant way.” As the ICO acknowledges, what amounts to a “legal” or “significant” effect can be somewhat subjective, and so this is an opportunity for businesses that engage in profiling to put forward their opinions and influence future guidance.

The deadline for responses is 28 April.