Tag Archives: John Edwards

June 23, 2026 · 9:15 am

Something rotten in the state of Wilmslow

I realise that I’ve written reams on LinkedIn, but nothing here, to reflect the ignominious departure of Information Commissioner, John Edwards. This is cobbled together from those posts.

Very early on the morning of 19 June, Information Commissioner John Edwards announced on LinkedIn an intention to resign, citing “poor judgement and…attempts at humour that were inappropriate and caused offence”.

This was in reference to the “independent workplace investigation” into his conduct, which had led to his stepping aside from his duties at the end of February: a fact which the ICO kept from the public, and from most of its own staff, for several weeks (might others have come forward in that time, had they known more?), and which they only publicly acknowledged after Edwards posted about the investigation on LinkedIn.

Edwards’ comments appear to have had the effect of stealing a march on the ICO’s and the government’s own communications. They were picked up by a lot media and commentators and run as “resignation over inappropriate humour”.

But, by the end of the day, the Secretary of State for his sponsor department, Science, Innovation and Technology, Liz Kendall, had revealed that, much more than that, she had

seen evidence of the vulgar and highly sexualised language that was used in his interactions with his staff and am extremely concerned that he continues to describe these incidents as misplaced humour. Multiple women shared testimony to the investigator on feeling offended, shocked and uncomfortable following interactions with Mr Edwards.

The ICO then put out a statement on 20 June, saying that

Mr Edwards’ actions were completely at odds with our values. We do not accept sexual harassment, bullying or discrimination in any form and have clear policies in place to deal with issues such as these.

And then, on 22 June, MLex reported (£) that

Despite the ICO’s relative silence, comments about the workplace culture at Britain’s privacy regulator have been increasingly common since the investigation started, even if most remarks were made privately…MLex understands Edwards was often described as “a bully” by current and former ICO employees. Beyond complaints of harassment and dismissive treatment of staff, a disproportionate growth in the numbers of staff at director and executive director levels while lower-grade staff were under extreme stress was also pointed out as a key factor contributing to a poor workplace environment.

Quite frankly this is a disgrace. My sympathy is with those who had to work with him in what appears to have been a toxic environment.

And questions still hang over this: how long has this behaviour been known about? and by whom?

The views in this post (and indeed most posts on blog) are my personal ones, and do not represent the views of any organisation I am involved with.

Leave a comment

Filed under Information Commissioner, John Edwards

Tagged as ,

March 1, 2024 · 7:02 am

John Edwards evidence to the Angiolini inquiry

On 29 February Lady Elish Angiolini published the first report from her inquiry into how off-duty Metropolitan police officer Wayne Couzens was able to abduct, rape and murder Sarah Everard.

Information Commissioner John Edwards contributed to the inquiry, and his evidence is cited at 4.320 (the paragraph is quoted below). It deals with the profoundly important (and perennially misunderstood) issue of data-sharing within and between police forces.

Although for obvious reasons the identity and content of some witness evidence to the inquiry is being kept anonymous, there should be no obvious reason that Mr Edwards’s is, and I hope that the Information Commissioner’s Office will, in addition to publishing his press statement, also publish any written evidence he submitted. It would also be good to know the details of the work Mr Edwards says his office is doing, and continuing, with the police, in this context.

In discussions with senior leaders of relevant organisations, the Inquiry was told that gaps in information-sharing between human resources, recruitment, professional
standards and vetting teams – and, indeed, between forces themselves – were a
significant barrier to capturing a clear picture of officers. The Inquiry heard from different sources, including senior leaders, that there are significant barriers to
information-sharing. Some cite data privacy and protection laws as a reason not to
share information. However, in a discussion with the Information Commissioner, John Edwards, the Inquiry was assured that data protection law recognises that there are legitimate reasons for information-sharing, particularly given the powers attributed to police officers. Indeed, Mr Edwards suggested that data protection law is widely misunderstood and misconstrued, and highlighted a failure of training in this regard.

The views in this post (and indeed most posts on this blog) are my personal ones, and do not represent the views of any organisation I am involved with.

Leave a comment

Filed under access to information, Data Protection, data sharing, Information Commissioner, police

Tagged as , , ,

September 27, 2023 · 7:23 am

Soft regulation = poorer compliance?

The Information Commissioner’s Office (ICO) has published reprimands against seven separate organisations all of whom committed serious infringements of data protection law by inadvertently disclosing highly sensitive information in the context of cases involving victims of domestic abuse.

The ICO trumpets the announcement, but does not appear to consider the point that, until recently, most, if not all, of these infringements would have resulted in a hefty fine, not a regulatory soft tap on the wrist. Nor does it contemplate the argument that precisely this sort of light-touch regulation might lead to more of these sorts of incidents, if organisations believe they can act (or fail to act) with impunity.

I have written elsewhere about both the lack of any policy or procedure regarding the use of reprimands, and also about the lack of empirical evidence that a “no fines” approach works.

I think it is incumbent on the Information Commissioner, John Edwards, to answer this question: are you confident that your approach is not leading to poorer compliance?

The cases include

  • Four cases of organisations revealing the safe addresses of the victims to their alleged abuser. In one case a family had to be immediately moved to emergency accommodation. 
  • Revealing identities of women seeking information about their partners to those partners. 
  • Disclosing the home address of two adopted children to their birth father, who was in prison on three counts of raping their mother. 
  • Sending an unredacted assessment report about children at risk of harm to their mother’s ex-partners. 

The views in this post (and indeed most posts on this blog) are my personal ones, and do not represent the views of any organisation I am involved with.

Leave a comment

Filed under Data Protection, Information Commissioner, monetary penalty notice, reprimand, UK GDPR

Tagged as , , ,