Insights Online Safety: Ofcom and ICO publish joint statement about working together


Ofcom and the Information Commissioner’s Office (“ICO”) have published a joint statement setting out how they intend to collaborate in regulating online services. It follows and builds upon an earlier joint statement in 2022 which anticipated a closer working relationship between the two regulators on the subject of online safety.

The joint statement outlines how employees of both regulators will identify and monitor the emergence of what are described as ‘Collaboration Themes’. These are areas of common interest to both the ICO and Ofcom because of their “thematic and substantive relevance to the online safety and data protection regimes”. The statement includes the following non-exhaustive list of examples of such ‘Collaboration Themes’: age assurance; recommender systems; proactive tech and relevant AI tools (such as content/behaviour identification technology and user profiling technology); default settings and geolocation settings for child users; online safety privacy duties; and upholding terms, policies and community standards. It is anticipated that these themes will be added to over time. Once identified, teams from each regulator will discuss how best to collaborate, including whether to engage jointly on matters so as to ensure a coherent and consistent approach.

In addition to monitoring whether there are overlaps in the sorts of work each regulator is conducting, Ofcom and the ICO will also monitor whether there are ‘Companies of Mutual Interest’ which are subject to both the online safety and data protection regimes, and consider whether a more collaborative approach is warranted.

In the cases of both ‘Collaboration Themes’ and ‘Companies of Mutual Interest’ being identified, any collaboration between Ofcom and ICO will likely require the sharing of a limited amount of information. The statement sets out that both regulators will comply with the relevant statutory frameworks as regards information sharing, and indicates how they will approach the sharing of information depending on the particular circumstances which arise.

The joint statement concludes by making it clear that the two regulators will regularly review the effectiveness of their collaboration, and inform stakeholders about any updates to their joint ways of working.

To read the statement in full, click here.