ICO launches online code of practice

Information Commissioner Christopher Graham launched the new code of practice

Data protection watchdog the Information Commissioner's Office (ICO) today launched a code of practice designed to give organisations practical advice on how best to protect the privacy of their customers online.

The new Personal Information Online Code of Practice, launched today at an event in Manchester, is currently in draft form only, with the ICO inviting suggestions for improvement from those who will be affected by it.

"The internet offers great possibilities for convenience and for new experiences, but it can also present risks. This code explains the privacy risks that can arise and suggests ways of dealing with them by adopting good practice, " states the introduction to the guide.

"This code sets out clear, comprehensive recommendations for handling personal data properly and for giving individuals the right degree of choice and control over it. It should also help all organisations with an online presence to negotiate areas of legal uncertainty by adopting good practice."

Topics covered by the code of practice include how to market goods and services online, operating internationally, and individuals' rights online.

Simon McDougall, lead for privacy and data protection at consultancy Deloitte, argued that the draft code of practice "could go further", but that it is "perfectly good as a consultation document" and would benefit most from the feedback it hopes to elicit.

"It's great that the ICO is producing this document and it's the right time for more guidance in this area," he said. "But it's really aimed at SMEs rather than larger firms – there's nothing in there that is going to teach experienced practitioners anything new."

He added that the ICO should perhaps take the opportunity to reach out to the more "sophisticated experts" in larger enterprises as well as SMEs in future versions of the document.