The CPPA and UK ICO Sign Declaration of Cooperation to Enhance Privacy Protections

News:

WASHINGTON D.C. — The California Privacy Protection Agency (CPPA) and the UK Information Commissioner's Office (UK ICO) have signed a declaration of cooperation, marking a significant step toward coordinating international privacy and data protection across jurisdictions. UK ICO Commissioner John Edwards and CPPA head of enforcement Michael Macko signed the declaration, allowing the agencies to:

  • Facilitate joint research and education relating to new technologies and data protection issues
  • Share best practices, knowledge, and investigative methods
  • Convene meetings with staff members
  • Share relevant experiences and develop appropriate mechanisms for mutual collaboration

The declaration builds upon the CPPA's ongoing efforts to forge and strengthen partnerships with international data protection authorities in order to share information and promote privacy protection across jurisdictions.

"This declaration of cooperation formalises the existing and ongoing collaboration between my office and CPPA. It reaffirms our commitment to work together on common issues so people's privacy rights are respected across the UK and California," said UK ICO Commissioner John Edwards.

“Californians have the right to ensure that their personal information is being used only for the purposes they desire, and the CPPA is committed to protecting and promoting this and other privacy rights,” said CPPA Executive Director Tom Kemp. “By partnering with the UK ICO, we can deepen our knowledge base and leverage best practices from other regulators whose citizens face many of the same privacy harms that Californians have. This collaboration is yet another way we are enhancing privacy protections across California.”

This latest declaration is the third collaboration between the CPPA and international data protection authorities. The CPPA announced its collaboration with the Republic of Korea's Personal Information Protection Commission (PIPC) in January 2025 and with the French data protection authority, the Commission Nationale de l'Informatique et des Libertés (CNIL), in June 2024. In 2023, the Dubai International Financial Centre (DIFC) issued an adequacy determination establishing the California Consumer Privacy Act's equivalence with the DIFC's Data Protection Law. In addition, the Agency is an active member of the Global Privacy Assembly, the Asia Pacific Privacy Authorities, the Global Privacy Enforcement Network, and the International Working Group on Data Protection in Technology.

The collaboration builds upon the CPPA's partnership with states across the country to implement and enforce their privacy laws, known as the Consortium of Privacy Regulators.

About Us

The California Privacy Protection Agency (CPPA) is committed to promoting the education and awareness of consumers' privacy rights and businesses' responsibilities under the California Consumer Privacy Act.

Individuals can visit privacy.ca.gov to access helpful and up-to-date information on how to exercise their rights and protect their personal information. In addition, the Agency's website provides important information about CPPA board meetings, announcements, and the rulemaking process.