Steve took up the position of Deputy Commissioner in 2017 and has worked at the ICO for over 10 years in a range of policy roles related to freedom of information and data protection, during a crucial period of the ICO’s evolution. He has been engaged with the EU General Data Protection Regulation (GDPR) since 2012 – leading the ICO’s input into the negotiations and then the implementation. He has also led the development and implementation of the ICO’s statutory age appropriate design code, which was laid in Parliament in 2020.
Steve is responsible for the ICO’s regulatory strategy function – ensuring that the ICO is identifying the right strategic questions and policy issues, joining up policy activities and supervising the effectiveness of the policy decisions that guides the ICO’s work. This includes the ICO’s international leadership and strategic policy direction on ICO regulatory priorities. Steve also oversees the ICO’s internal policy development programme, which covers both policy as a profession and policy as a methodology.
In November 2019 Steve was appointed chair of the OECD’s working group on Data Governance and Privacy. He was also a member of the Article 29 working party and European Data Protection Board between 2015 and 2020 and is co-chair of the Commonwealth network of data protection authorities.
Prior to joining the ICO Steve was a Senior Lecturer in Information Management at Liverpool John Moores University, co-authoring a textbook on Business Information Management and editing the freedom of information blog, which won the international information industry award for ‘best blog’ in 2005.