Skip to main content

Parking: Data Protection

Question for Department for Digital, Culture, Media and Sport

UIN 128866, tabled on 21 February 2018

To ask the Secretary of State for Digital, Culture, Media and Sport, what steps his Department takes to ensure that private car park operators are compliant with data protection regulations; and what assessment he has made of the extent of compliance with such regulations in that sector.

Answered on

1 March 2018

The Information Commissioner’s Office (ICO) is responsible for regulating compliance with data protection legislation. The ICO is an independent body sponsored within government by the Department for Digital, Culture, Media and Sport.

Government are currently modernising data protection laws in the UK through the Data Protection Bill to make them fit for purpose for our increasingly digital economy and society. The EU’s General Data Protection Regulation (GDPR) comes into force on 25th May 2018. All UK businesses together with all organisations that process personal data will be required to comply with this regulation and also the UK's full data protection regime as set out in the Data Protection Bill. The ICO provides guidance and support to UK organisations and have already published a number of resources on the Commissioner's website ( to help organisations prepare. The ICO has: launched a dedicated helpline service for smaller organisations; updated its 'SME toolkit' to reflect the requirements of the GDPR; simplified its "12-step" GDPR preparation guidance; and published tailored guidance for charities.