The UK telecoms and media regulator, Ofcom, has launched a new consultation that will update and extend their information gathering policy, which largely reflects the fact that they’ve gained new powers to extract information from companies and broadband providers etc. to support their work.
Ofcom’s existing policy on information gathering was published in March 2005, although they last consulted on changes in 2015, which led to significant adjustments in their practical processes including the establishment of the Information Registry, a dedicated team to deal with the coordination of our information gathering activities.
Since 2005, the regulator has also been given additional information gathering powers under legislation which requires them to publish a statement of general policy (including in relation to post and telecoms security). “We consider now is an appropriate time to update our policy to reflect our new processes and additional powers,” said Ofcom.
Advertisement
However, Ofcom aren’t required to publish a policy for all of their information gathering powers, and this new policy will thus not apply where they have separately set out how they intend to exercise their information gathering powers under another regime.
For example, the regulator has published separate guidance in relation to their information gathering powers under the Network and Information Systems Regulations 2018. In addition, they also intend to consult shortly on separate standalone guidance on how they will exercise their new information gathering powers under the Online Safety Act 2023.
What we are proposing – in brief
• To expand the general policy to cover additional information gathering powers we have acquired since 2005 under legislation which requires us to publish a statement of general policy (including in relation to post) and clarify the scope of the policy under other legislation.
• To update and clarify the text to reflect our experience of issuing statutory information notices in practice, having regard to the responses to our 2015 consultation.
• To provide further detail on how we will handle statutory information notices including:
o the role of the Information Registry and how it coordinates information gathering for Ofcom;
o where we may make use of information provided voluntarily;
o typical processes including the issuing of draft statutory information notices;
o use of information including disclosure and confidentiality;
o record retention and personal data; and
o information security.• To clarify our approach to enforcement and what we expect from stakeholders when responding to a statutory information notice.
Ofcom are now seeking feedback on all this from stakeholders and they aim to publish an outcome by the end of 2024, assuming no problems arise.
Advertisement
This site uses Akismet to reduce spam. Learn how your comment data is processed.
I would have thought the essential new powers that ofcom require ,are those to regulate code operators build of infrastructure to stop overbuild of infrastructure predominately in urban areas .
To enforce the code of practise so that where infrastructure exists that is FFTP ,gigabit capable and accessible either underground or by existing telegraph poles it MUST be shared . Multiple unnecessary infrastructure is not progress
As someone on the receiving end of the bureaucracy, it is such an incredible waste of taxpayer to keep making new reports and be DEMANDED by the ofcommunists to hand over valuable data without any compensation whatsoever. Not only do they keep coming up with new requests, they DEMAND every minor change to be complied with
“how dare you not capitalize the 3rd word in the column header you peasant?! go back to the drawing board and capitalize the 3rd but not the 4th word!!!”
Also insane that the GDPR does not apply, hackers can have a field day
big brother’s neck grows ever longer when it should be wound in