Elizabeth Denham, the new Information Commissioner, has revealed that the ICO has questioned Yahoo about its huge data breach, and is looking to probe WhatsApp and other Facebook-owned companies about their data sharing arrangements.
Denham said in her first speech as Information Commissioner that the ICO will choose its investigations carefully to ensure that they are relevant to the general public.
"Last Friday, the ICO stepped in to ask questions about the Yahoo data breach, which involved eight million UK accounts," she said.
Denham told BBC Radio 4 in a subsequent interview that she is concerned about Yahoo's two-year delay in informing the public of the breach.
"Why did it take so long for Yahoo to notify the public? It looks like it happened two years ago. What can these account holders do to protect themselves?" she said.
Denham also explained in her speech that the ICO is reviewing data sharing between WhatsApp and other Facebook companies, stating that "all of this is about transparency and individual control".
This follows a ruling in Germany that has banned data sharing between the two firms because not enough was done to make users of both services aware of the changes being introduced.
Denham also said that the ICO will appoint a chief technology adviser so that the watchdog can keep pace with the fast-paced nature of the areas it oversees.
"We are building on our own capacity for technology by analysing more, researching more and embedding technology into the future of the CIO. We are also seeking partnerships with universities, and we aim to support research into privacy by design solutions," she added.
Brexit and General Data Protection Regulation
Denham also touched on Brexit, admitting that the decision made her job more challenging but that the ICO is well prepared.
"Countries that are part of the EU are now preparing to adopt the new GDPR law in 2018," she said. "The referendum result has thrown our data protection plans into a state of flux."
The GDPR is technically already in force, but member states are not obliged to apply it until 25 May 2018, and Denham believes it "extremely likely" that GDPR will be live before the UK leaves the EU.
She said it is crucial that personal information can flow, despite not yet knowing where the UK stands in regards to the GDPR.
"The GDPR is a strong law, and once we are out of Europe we will still need to be deemed adequate or essentially equivalent," she said.
This means that UK organisations will almost certainly have to adhere to the regulations regardless of the country's position in the future.
Samsung very much in third place behind Android Pay and Apple Pay
Moribund Twitter ads nil, nada, zero users, while revenues fall five per cent to $574m
Wisconsin claims deal could result in 13,000 jobs and $10bn of investment from Foxconn by 2020
Streaming music is the future, whether you like it or not