On Wednesday 27 April the government’s preferred candidate for the new Information Commissioner appeared in front of the Culture, Media and Sport select committee, whose remit now extends to this post. Video here.
The CMS committee has now published its report, announcing:
On the basis of the evidence presented, we approve Elizabeth Denham’s appointment as Information Commissioner. We wish Elizabeth Denham well in her new post and look forward to working with her in the future.
Elizabeth Denham will replace outgoing Information Commissioner Christopher Graham who has served since 2009 (a five year term extended by two years – he cannot be re-appointed under the Protection of Freedoms Act 2012). A further statement from the committee is available here, which includes a statement from committee chair Jesse Norman MP:
“The Committee noted with interest Ms Denham’s views on a range of topics, including the possible retention of emails as official records, the extension of FOI and directors’ liability for data breaches, in particular.
We also noted Ms Denham’s track record on data protection with Government in British Columbia, and her proactive approach to protection of privacy with major international technology companies.”
 Elizabeth Denham has held senior leadership positions in the field of information rights in Canada over the last 12 years. Since 2010 she has been the Commissioner at the Office of the Information and Privacy Commissioner for British Columbia, Canada, where she is responsible for enforcing the Canadian Freedom of Information and Protection of Privacy Act (FIPPA), the Personal Information Protection Act (PIPA), and the Lobbyists Registration Act (LRA). Previously (2007–10) she was the Assistant Privacy Commissioner of Canada in Ottawa; having been a Director at the Office of the Information and Privacy Commissioner of Alberta (2003–7) …
 Ms Denham gave oral evidence to us on 27 April. We questioned her on the following topics:
- A comparison of the British and Canadian FoI and data protection regimes
- Her understanding of the EU Framework underpinning UK data protection law
- Whether and how the powers of the UK ICO might be extended in relation to FoI
- The application of FoI to all forms of communication, including social media, whenever any government information was under consideration
- Whether FoI should apply to non-Government entities delivering public services
- The application of the commercial confidentiality exemption from FoI to government contracts
- Issues of victims’ access to information highlighted by the Hillsborough inquiry
- The responsibility that company directors should have for cyber security
- Tackling nuisance calls
- The implications of amending the Regulation of Investigatory Powers Act to extend data retention
- Press Regulation: Lessons to be learned from Operation Motorman and the Leveson inquiry
- The ICO’s relations with Parliament
- The management challenge of moving from a relatively small state system to a national regulator
- Funding of the ICO
- The challenge of relocating to the UK