The Information Commissioner's Office regulates data protection across all UK sectors. For AI specifically, the ICO has issued guidance that has matured substantially through 2023-2025 and continues to develop. This article walks through what ICO expectations for AI actually require operationally.
Lawful basis for AI processing
UK GDPR requires a lawful basis for every processing activity. AI training and AI inference are both processing activities and both require an established lawful basis.
Common bases for AI processing:
● Consent: appropriate where the firm has a direct relationship with the data subject and meaningful consent can be obtained. Specific consent for AI training is harder to operationalise than consent for general service provision
● Contract: appropriate where processing is necessary for performance of a contract with the data subject. AI used to deliver contracted services typically qualifies; AI used for purposes beyond the contract typically does not
● Legitimate interests: appropriate where the firm's legitimate interests are not overridden by the data subject's rights and freedoms. Legitimate interests assessments for AI need to address the specific risks AI introduces
● Public task: appropriate for public sector AI in performance of a task carried out in the public interest
● Legal obligation, vital interests, and public interest: narrower bases applicable in specific contexts
The lawful basis must be documented and must be appropriate to the specific processing. Reusing a lawful basis established for non-AI processing to cover AI processing is rarely defensible if challenged. Documentation that explains why the chosen basis fits the AI processing specifically is what stands up to ICO engagement.
Data Protection Impact Assessments for AI
DPIAs are required where processing is likely to result in high risk to the rights and freedoms of natural persons. The ICO has been clear that most consequential AI processing meets this threshold and requires a DPIA.
Operational expectations for AI DPIAs:
● Conducted before processing begins, not retrospectively after deployment
● Cover the specific AI use case (methodology, data, intended use, risks, mitigations), not generic AI processing
● Identify risks specific to AI: bias, opacity, automation, large-scale processing, profile-building, cross-context use
● Consider mitigations including technical measures, organisational measures, and design choices that reduce risk
● Document residual risk and senior management acceptance of the residual
● Updated when processing materially changes, including model updates, use case extensions, and data source changes
● Available to the ICO on request and forming part of the firm's accountability documentation
Transparency to data subjects
UK GDPR transparency obligations apply to AI processing. Data subjects need to be informed about the processing in clear, accessible language.
Specific AI transparency requirements:
● Notification that AI is being used as part of the processing, where relevant: for AI affecting customer interactions, decisions, or outcomes
● UK GDPR Article 22 notifications for solely automated decision-making with legal or similarly significant effects: the right not to be subject to such decision-making, the right to human intervention, and the right to contest
● Meaningful information about the logic involved in automated decisions: not requiring disclosure of model internals, but providing the basis for the decision in terms the data subject can engage with
● Information about the consequences of the processing for the data subject
● Privacy notices updated to reflect AI processing, rather than generic notices that fail to address AI use specifically
Generative AI specifically
The ICO has published specific guidance on generative AI, addressing the particular challenges that LLMs and similar models present for data protection compliance.
Key considerations for generative AI under ICO guidance:
● Lawful basis for training data, including consideration of whether scraped data, third-party data, or customer data are appropriate for training purposes
● Data subject rights when training data has been used, including the right of erasure, the right of rectification, and the implications when the model cannot easily un-learn specific data
● Output handling: generated content that includes personal data, generated content that misrepresents data subjects, and the firm's responsibility for generated outputs
● Accuracy obligations: generative AI's tendency toward hallucination is a UK GDPR accuracy issue when the output relates to identifiable individuals
● Profiling and automated decision-making implications where generative AI is involved in decisions affecting data subjects
Children's data and the Age-Appropriate Design Code
The Age-Appropriate Design Code applies to online services likely to be accessed by children. AI services accessible to children are within scope, with specific implications:
● High default privacy settings for child users
● Data minimisation for children's data, with stricter standards than for adult data
● Profiling restrictions, including restrictions on profiling children for marketing or other purposes
● Transparency calibrated to children's understanding
● Detrimental use restrictions covering use of children's data in ways that are not in the child's best interests
International data transfers
AI workloads frequently involve international data flows: foundation model vendors hosted outside the UK, training data flowing across borders, and inference services delivered from global infrastructure. UK GDPR Chapter V applies to all of these.
● Adequacy decisions cover transfers to specific jurisdictions including the EU/EEA and others recognised by the UK
● International Data Transfer Agreements (IDTA) or the UK Addendum to EU SCCs cover transfers where adequacy does not apply
● Binding Corporate Rules cover intra-group transfers for firms with appropriate frameworks
● Transfer impact assessments examine whether the destination jurisdiction provides essentially equivalent protection
● AI vendor selection should consider the data transfer implications of vendor location and infrastructure
ICO enforcement and engagement
The ICO's approach to AI is principles-based but enforcement-active. Enforcement notices, monetary penalties, and audit programmes have all been used. Constructive engagement with the ICO before novel AI deployment is generally productive.
Common ICO enforcement themes on AI include inadequate lawful basis documentation, missing or inadequate DPIAs, transparency failures, accountability gaps (including missing DPO appointment or inadequate DPO involvement), and international transfer arrangements that do not meet the required standard.
The shift to make
Stop treating ICO compliance as a privacy exercise separate from AI governance.
Start treating data protection as one dimension of integrated AI governance, with DPIAs as part of AI deployment, lawful basis built into AI use case design, transparency as part of customer-facing AI architecture, and data subject rights operationalised across the AI portfolio.
Firms operating this way navigate ICO engagement constructively and avoid the enforcement exposure that the regulator's active stance creates. Firms running ICO compliance as a parallel privacy workstream eventually discover the integration gaps the regulator examines.