The Information Commissioner’s Office (ICO) and the South Korean Personal Information Protection Commission (PIPC) have always had a strong relationship.
Both the ICO and the PIPC have similar objectives: upholding people’s information rights, whilst supporting digital innovation and economic development. This shared vision is in line with the recently announced Data Reform Bill which aims to create a:
“world-class data regime…that reduces burdens on businesses, boosts the economy, helps scientists innovate, and improves the lives of people in the UK”.
ICO and PIPC Memorandum of Understanding
Given the above, the ICO and the PIPC have entered into a Memorandum of Understanding which sets out how the two authorities will work together going forward. Both the ICO and the PIPC within the Memorandum have recognised:
“the nature of the modern global economy, the increase in the circulation and exchange of personal data across borders, the increasing complexity of information technologies, and the resulting need for increased cross-border enforcement cooperation”.
The Memorandum of Understanding sets the framework for how the two authorities will continue to share experiences and best practices, cooperate on specific projects of interest, and share information or intelligence to support their regulatory work.
What does the ICO and PIPC Memorandum of Understanding set out?
The two authorities have agreed to cooperate in a number of different ways. Interestingly, one of the ways they are intending to cooperate is by conducting joint investigations into cross-border personal data incidents whereby the organisations are in both jurisdictions.
The Memorandum of Understanding does not extend to the sharing of any personal data between the ICO and PIPC. For example, if either authority wishes to share any personal data in relation to any cross-border incidents (in line with their above agreement to cooperate) they need to consider compliance with their own data protection laws before sharing such data. This reflects the ICO’s commitment to protecting the personal data of UK citizens while enabling opportunities for digital innovation.
John Edwards, the UK Information Commissioner, has published the following comment in relation to the Memorandum of Understanding:
“I’m pleased the MoU publicises our collaborative efforts to protect our citizens personal data. The ICO and the PIPC face common challenges in regulating our increasingly digital and globalised world. The PIPC and ICO share a number of regulatory goals and aspirations to aid us in finding impactful pragmatic solutions to protecting our citizens and supporting business.”
The Memorandum of Understanding is a statement of intent. It is not legally binding on either of the authorities. Notwithstanding this, it is still an important step in relation to cross-border data sharing.
Comment
The Memorandum of Understanding is just one of the many things the ICO seems to be doing to further the message within the Data Reform Bill. With the increase of digital data, the sharing of data internationally seems to be a common occurrence. The ICO has recognised this and appears to be adapting accordingly. It will be interesting to see if they enter into any similar agreements with other countries.
How Nelsons can help
Ruby Ashby is an Associate in our expert Dispute Resolution team.
If you need any advice concerning the subjects discussed in this article, please do not hesitate to contact Ruby or another member of the team in Derby, Leicester, or Nottingham on 0800 024 1976 or via our online enquiry form.
Contact us