The Information Commissioner's Office hosted its first-ever sandbox workshop event in London on Wednesday as part of its initial steps towards developing a regulatory sandbox that aims to help manufacturers incorporate security in their devices at the design stage.
In September last year, the ICO first announced its intent to create a regulatory sandbox that would advise manufacturers of IoT devices on how to create new products with both privacy and innovation in mind. It is hoped that with the ICO sandbox, organisations will be able to ensure appropriate protections and safeguards when developing new technologies.
In order to create a sandbox that would best support organisations of all sizes and in multiple sectors, the ICO invited manufacturers to participate in a sandbox workshop event not only to understand what mechanisms and operational approaches it should take, but also identify areas where data protection might be perceived as a barrier to innovation.
In a sandbox discussion paper published in January, the ICO announced that it would soon launch a beta phase of its sandbox and said that it would initially involve ten organisations of different types and sizes to test its functioning. If successful, the sandbox will form a permanent part of its regulatory toolkit.
"We are keen to hear from all kinds of organisations, whether you are a small tech firm from Manchester or a large innovation hub. We want to make sure we are playing a supportive role, helping innovators bring new products to market in a way that is safe and compliant," said Chris Taylor, ICO head of assurance (sandbox, codes, certification and eIDAS).
In its discussion paper, the ICO said that the sandbox would, among other things, carry out informal supervision of products and services, carry out step-by-step analysis of processing activity, organise workshops with design and development teams at an early stage and advise organisations about risk mitigation and privacy by design/default.
The beta phase of ICO's sandbox will be run from July this year to September 2020 and will involve ten selected organisations of different types and sizes. Full details of the beta phase will be published by the end of March and organisations will be allowed to apply before the end of April.
SC Magazine UK reached out to the ICO to understand significant takeaways from the sandbox workshop event that took place on Wednesday and whether the ICO was able to finalise the processes necessary to launch a fully functioning beta phase of the sandbox in the near future.
In response, Chris Taylor, ICO head of Assurance (Sandbox, Codes, Certification and eIDAS), told SC that the discussion workshop was a really helpful part of the ICO's ongoing development of the sandbox.
"We had a fantastic range of organisations represented from right across the public, private and third sectors and of all sizes, from new and emerging start-ups right up to much larger organisations.
"The quality of debate was really high and participants provided a huge amount of feedback. There was lots of support for the approach we are taking and plenty of really helpful and informed suggestions on where we can make enhancements – one example being to make sure we are very clear about the potential benefits for organisations that might be involved."
He added, "There were many more useful observations that we will consider as we continue to build our sandbox."