The servant of two masters: ICO and OFCOM Joint Statement on Online Safety and Data Protection – coordination so service providers can comply with both
On 25 November 2022, the UK Information Commissioner’s Office (ICO) and the Office of Communications (OFCOM) (together, the Regulators) released a joint statement setting out their shared views on the interactions between online safety and data protection (the Statement). The Statement, which is primarily intended for online services providers in scope of the Online Safety Bill, follows the recent announcement that the Online Safety Bill will return to Parliament and be provisionally debated on the 5 December.
Given that the Online Safety Bill is still going through the parliamentary process, the Regulators have approached the Statement based on the current drafting of the Online Safety Bill and the broad principles it sets out; we can expect that the Statement may evolve to reflect any future drafting amendments to the Online Safety Bill.
In essence, the Statement picks out areas where online service providers might breach data protection rules in their efforts to comply with their Online Safety Bill obligations and outlines how the Regulators will work together to guide online service providers to comply with both. It is a good example of the operation of the new Digital Regulatory Cooperation Forum, through which different UK regulators will coordinate policy and enforcement in the digital sphere.