Canada’s Denham Set for New Role as UK's Information Commissioner
Canadian Elizabeth Denham has been chosen by the UK government as its preferred choice to fill Christopher Graham’s shoes as the next information commissioner.
Culture Secretary John Whittingdale confirmed the current British Columbia information and privacy commissioner as his choice for the UK’s data privacy tsar in a press release yesterday.
The appointment will be made pending a pre-scrutiny hearing by the Culture, Media and Sports Select Committee and final approval by the Queen.
If successful, Denham will take over the role this summer for a period of five years.
She left her role after three years as assistant privacy commissioner of Canada in 2010 to become commissioner at the Office of the Information and Privacy Commissioner for British Columbia.
There she was responsible for enforcing the Canadian Freedom of Information and Protection of Privacy Act (FIPPA), the Personal Information Protection Act (PIPA), and the Lobbyists Registration Act (LRA).
Before her role as assistant privacy commissioner in Ottowa, Denham was director at the Office of the Information and Privacy Commissioner of Alberta, from 2003-2007.
Incumbent Christopher Graham will end up serving seven years at the ICO after extending his initial five-year spell. He cannot be reappointed under the terms of the Protection of Freedoms Act 2012.
Under Graham’s tenure the ICO has handed out some major fines to organizations found to have contravened the Data Protection Act.
Most recently the watchdog levied its biggest ever fine of £350,000 against a lead generation firm found to have been responsible for 46 million nuisance calls.
The office has in the past been accused of being something of a toothless watchdog, choosing ‘education’ over enforcement and fines.
It received particular criticism over its dealings with Google. The web giant has been fined millions by regulators in other countries over the collection of individuals’ Wi-Fi data by its Street View cars, but the ICO decided not to.
In Italy it was slapped with a $1.4m fine, for example.
Source: Information Security Magazine