The Information Commissioner’s Office (ICO) has approved a fourth GDPR certification scheme aimed at training and qualification providers following the success of other schemes looking at areas including children’s data privacy and age assurance technology.
The certification scheme criteria across the board will enable users and candidates to have total freedom over who they share their personal data with and instil confidence that their data privacy rights will be met.
Emily Keaney, Deputy Commissioner, Information Commissioner’s Office commented:
“All four of these certification schemes are hugely positive developments for organisations to be a part of. Not only do they offer certainty to businesses to get things right, but they also provide a binding framework for organisations to sign up to, ensuring they raise the bar when it comes to data protection.
In an era where trust and accountability are paramount, these schemes are a way of reassuring your customers, clients and suppliers that you hold additional expertise in a given area, are committed to building data privacy into your work and adhere to strong standards.
The newest of these four schemes in particular additionally shows that organisations value their candidates’ personal information and have taken additional steps to protect it.”
Previously, Tony Allen from the Age Check Certification Scheme – the guardian body of certification standards whic developed criteria for two schemes relating to age assurance and children’s online privacy – made light of the fact that there are not enough standards governing GDPR compliance.
Many UK authorities have pushed to upgrade legal requirements for companies to verify the age of users accessing pornography sites alongside significantly strengthening the Online Safety Bill.
France’s online safety bill recently voted in favour of extending privacy obligations over users’ data to social media platforms as well as porn websites, allowing users to have “double anonymity” through the exchange of tokens between digital ID providers and end sites.