Following a long wait, the UK’s data protection regulator, the Information Commissioner's Office (ICO), has published its new draft journalism code of practice (Code) and opened it up to consultation. The ICO is encouraging parties to submit their views on this draft.
The Code, which runs to 93 pages, covers some particularly challenging issues for the media industry. In this article, we explain the context and scope of these issues and some of the areas where further clarification is required.
What is the draft Code and will it be legally enforceable?
The document is one of a handful of statutory codes the ICO is required to publish under the Data Protection Act 2018. As it is a statutory code of practice, the ICO, courts and tribunals are required to take it into account when considering issues arising in relation to data protection compliance and proceedings. Generally, the courts will give weight to statutory codes of practice, taking the approach that they should be considered carefully unless there is a good reason not to.
One of the key purposes of the Code is to act not as a stick but as a guide to assist individuals and organisations in their understanding of the laws and legal obligations under UK data protection laws in the context of journalism. Ever since the last version of the Code needed to be updated following the General Data Protection Regulation (GDPR), the media industry has been eagerly waiting for this latest update, and further guidance such as this is certainly welcomed.
Who is the code aimed at? What is ‘journalism’?
The Code is aimed at data controllers in the field of journalism. Whilst this may sound narrow, ‘journalism’ is a broad term that may cover the disclosure of information, opinions, or ideas, by any means, to the public. Professional journalists and media organisations engaged in journalism (regardless of whether this is digital, print or broadcast, radio or television content) are covered, but so are citizen journalists.
Although the focus of the Code is on journalistic activity, it will also have broader value throughout the media sector. In the absence of other media-specific guidance from the ICO, this document will become a primary resource and reference point for expectations more broadly in relation to media content.
What does the draft Code cover?
The Code covers many aspects of data protection law so much of it is familiar and serves as a reminder of what organisations will already know.