Preiskel & CoPreiskel & Co
Preiskel & Co
  • Home
  • About Us
    • Diversity, Social Responsibility, and Pro Bono
  • Services
    • Corporate
    • Commercial
    • Regulatory
    • Competition & Antitrust
    • Data Protection, Privacy, and Retention
    • Intellectual Property
    • Dispute Resolution
    • Employment
  • Sectors
    • Telecommunications
    • IT, Technology, & Internet
    • Media and Broadcasting
    • Websites, Blogging, & Social Media
    • Film & Television
    • Gambling & Online Gaming
    • Leisure & Retail
    • Energy & Minerals
    • Cryptocurrency & Blockchain
    • Creative Industries
  • People
    • Daniel Preiskel
    • Ronnie Preiskel
    • Tim Cowen
    • Jose Saras
    • Robert Dougans
    • Karthyaeni Vittala
    • Tina Cowen
    • D A T Green
    • Richard Stewart
    • Mor Swiel
    • Ilanit Appelfeld
    • Stephen Dnes
    • Daniel Oakland
    • Robert Harvey
    • Martina Raciti
    • Joanna Coombs-Huang
    • Xavier Prida
    • Stewart White
    • Alison MacFarlane
    • Hannah Leader
    • Peter Dally
    • Antony Corel
    • Sue Warwick
    • Tony Curzon-Price
    • Shardi Shameli
    • Stephen Hornsby
    • Ewelina James
    • Maria Constantin
    • Sophia Yakhno
    • Rachael Machado
  • International
  • Blog
  • News
    • Publications
  • Contact
Menu back  

ICO consultation on draft guidance for the research provisions within the UK GDPR and the DPA 2018

April 20, 2022By Preiskel & Co

The Information Commissioner’s Office (“ICO”) has published a draft guidance on the research provisions in the UK General Data Protection Regulation (Regulation (EU) 106/679) (the “UK GDPR”) and the Data Protection Act 2018 (the “DPA”) (the “Draft Research Guidance”) and launched a public consultation seeking feedback on the Draft Research Guidance.

The Draft Research Guidance highlights:

  • the provisions relating to research in the legislation;
  • how they fit together and their practical effect; and
  • definition of key terms.

The ICO clarified that the Draft Research Guidance is intended to help those engaged in research to carry out their processing in compliance with the law and to provide researchers confidence to make use of the provisions where appropriate.

The UK GDPR and the DPA contain a number of provisions for processing personal data for research purposes. The Draft Research Guidance lists three types of “research related purposes”:

  • archiving purposes in the public interest;
  • scientific or historical research purposes; and
  • statistical purposes.

It provides a useful list of criteria that can be used to identify whether a purpose for processing personal data is likely to be considered a research related purpose.

The UK GDPR and the DPA provisions cover three broad areas of data protection:

  1. The data protection principles
    • The purpose limited principle (Article 5 UK GDPR) allows processing of personal data for specified, explicit and legitimate purposes. Any further processing must be compatible with the original processing unless it is for a research related purpose.
    • This means that there is no requirement to identify a further lawful basis for further processing for research unless the original lawful basis was consent. Where the original lawful basis was consent, fresh consent to re-use will be required.
    • The ICO says the processing must still be generally fair and lawful, and privacy information should be updated to ensure the processing is transparent.
    • Article 5 UK GDPR provides a further exception to the storage limitation principle, which says that personal data can be kept indefinitely to the extent that it is processed for one of the research related purposes.
  1. A condition for processing special category data and criminal offence data
    • Article 9(1) UK GDPR creates a prohibition on processing special category data, which is data that requires more protection because it is considered sensitive and relates to matters such as race, ethnicity, health, genetic and biometric data, unless a condition applies. One of these conditions is that the processing is necessary for a research related purpose.
    • The DPA sets some requirements on relying on this condition and the Draft Research Guidance provides some helpful commentary on its understanding of these requirements.
    • For any personal data relating to criminal convictions and offences or related security measures, a lawful basis is required for its processing along with the fulfilment of other conditions in the DPA.
  1. Exemptions from data subjects’ rights
    • The UK GDPR and DPA contain a number of exemptions to complying with a data subject rights requests received from an individual. Such requests can include the right of access, erasure, rectification, portability, restriction and objection. For some of these rights, an exception is available if the data is processed for a research related purpose.
    • However, in relation to some of the rights, relying on this exemption is allowed only if complying with the request (i) would prevent or seriously impair achieving the purpose for processing and the processing is subject to the safeguards set out in Article 89(1) UK GDPR, (ii) is not likely to cause substantial damage or distress, and (iii) is not used to measure or make decisions about individuals.

The Draft Research Guidance advises that where possible, research should be carried out using anonymous or pseudonymous data. If not possible, the Draft Research Guidance will be helpful in navigating the various compliance hurdles in order to rely on the flexibility provided in the UK GDPR and DPA for processing data for research related purposes.

The consultation on the Draft Research Guidance is open for feedback  till  5 pm on Friday 22 April 2022.

 

Please contact Jose Saras if you have any questions regarding the above.

The material contained in this article is only for general review of the topics covered and does not constitute any legal advice. No legal or business decision should be based on its content.

Latest Preiskel & Co blog posts
  • White House’s Economic Report of the President sets out a roadmap to improve competition in digital markets
    March 22, 2023
  • Brussels Conference brings in industry leaders to discuss the international antitrust landscape
    March 22, 2023
  • Issues in the UK’s forthcoming Digital Markets, Competition and Consumer Bill
    March 17, 2023
  • Stormy weather for cloud computing in the EU
    March 16, 2023
  • Inmarsat Takeover Provisionally Cleared for Take-Off
    March 10, 2023
  • EDPB’s Feedback on the New EU-U.S. Data Privacy Framework
    March 6, 2023
  • UK Data Reform Bill to return to the House of Commons
    March 3, 2023
  • DCMS Publishes New Security and Privacy Principles for App Store Operators and Developers
    February 16, 2023
  • DPO’s Dismissal & Conflicts of Interest Under The EU GDPR – CJEU Ruling
    February 14, 2023
  • ICO – Change of Deadline for Reporting Breach Notifications for Communication Service Providers
    February 6, 2023
  • General EU Requirements for Cookie Banners – EDPB Task Force Report
    January 27, 2023
  • Ofcom Launches Investigation into BT Following Suspected Breaches of Consumer Protections Post Implementation of EECC
    January 27, 2023

The Preiskel Blog

  • White House’s Economic Report of the President sets out a roadmap to improve competition in digital markets 22 Mar 2023
  • Brussels Conference brings in industry leaders to discuss the international antitrust landscape 22 Mar 2023
  • Issues in the UK’s forthcoming Digital Markets, Competition and Consumer Bill 17 Mar 2023
  • Stormy weather for cloud computing in the EU 16 Mar 2023

Preiskel news

  • Senior Partner, Danny Preiskel, quoted by IT Pro on the costs incurred by MNOs
  • Senior Partner, Danny Preiskel, will be a panellist at GCCM Carrier Community 2023 on IOT
  • Jose Saras and Xavier Prida Awarded First Place as Data Protection Thought Leaders in the UK
  • Ronnie Preiskel chosen to judge 24 May 2023 The Tech Capital Global Awards
Preiskel tweets
  • Issues in the UK’s forthcoming Digital Markets, Competition and Consumer Bill. Find out more: https://t.co/3BHP1xq69Y4 days ago
  • White House’s Economic Report of the President sets out a roadmap to improve competition in digital markets. Find o… https://t.co/S7J7sX3kfs4 days ago
  • Brussels Conference brings in industry leaders to discuss the international antitrust landscape. Find out more at: https://t.co/JN5P4COQ4f4 days ago
Preiskel & Co LLP
4 King's Bench Walk,
Temple,
London
EC4Y 7DL
United Kingdom

Tel: +44 20 7332 5640
Email: info@preiskel.com

Find us on:

TwitterLinkedinMail
© Preiskel & Co LLP 2023 | Site map | Legal notices | Cookie Policy | Privacy