On 29 May 2026, the Information Commissioner’s Office said its 2026/27 AI work will include an AI code of practice, dedicated guidance on agentic AI, and more support for consumers dealing with increasingly personalised AI products. That does not mean the code exists yet. It means the regulator has shown where UK organisations will face sharper questions next: who owns AI use, where personal data flows, when automated decisions affect people, and what evidence sits behind human oversight.
For compliance leads, HR teams, procurement, and operations managers, the immediate lesson is simple. Do not wait for the next ICO strategy to tidy up your AI governance. The regulator has already given enough direction to start.
What the ICO actually announced on 29 May 2026
In its 29 May 2026 response, the ICO said it was answering a January 2026 request from government to explain how it would enable safe AI-powered innovation. The original GOV.UK letter published on 28 January 2026 asked 19 regulators to publish a plan and then report on progress every year.
The ICO’s response matters because it moves beyond general AI commentary. It says the regulator’s 2026/27 focus will include an AI code of practice, dedicated agentic AI guidance, and support for consumers in a more personalised AI environment. It also says more detail will follow in a new AI strategy “in the coming months”. In other words, the direction of travel is public even if the fuller map is still pending.
This fits the ICO’s March 2026 AI and biometrics strategy update, which said its draft guidance on automated decision-making and profiling would inform parts of an AI and ADM code of practice. That matters for any organisation using AI in recruitment, customer support, fraud checks, marketing personalisation, or internal monitoring.
Why this matters before the code is published
Regulatory problems with AI rarely start with model architecture. They start in deployment. A team buys a tool. Nobody checks what personal data it touches. The vendor promises “human in the loop”, but nobody defines what that human is meant to review, what they can override, or what gets logged when something goes wrong.
The ICO has been signalling this for months. Its agentic AI report on data protection and privacy risks says AI autonomy does not remove organisational responsibility for processing personal data. That point is easy to miss when vendors market “agents” as if the software had taken the compliance risk on with it. It has not.
That is why this is not a “wait and see” story. If your business is already using AI tools that summarise meetings, screen candidates, draft customer responses, monitor productivity, or route support tickets, you already have enough information to run a first governance pass.
Four checks managers should run now
Map every AI use case that touches personal data
Start with an inventory. List every AI tool in use, who owns it, which teams use it, what personal data goes in, what comes out, and whether the tool connects to other systems. Focus on live deployments, not policy documents. Most businesses already have more AI processing than the privacy team realises.
Identify where automated decisions or profiling affect people
The ICO’s agentic AI report says organisations using these systems for decisions about people need to consider the impact on individuals, how to explain the automation, how people can contest the decision, and how humans can intervene meaningfully. Since the Data Use and Access Act 2025 commencement plan brought the relevant data protection changes into force on 5 February 2026, the government’s own UK GDPR and DPA factsheet has said section 80 replaces Article 22 of the UK GDPR with new Articles 22A-D. If you want background on how that shift plays out in practice, our explainer on automated decisions adds context. Recruitment screening is the obvious example, but the same issue appears in triage, fraud scoring, account restrictions, and eligibility workflows.
Review vendor claims, access permissions, and logging
The same ICO report warns that organisations should not give agentic AI systems access to information simply because it might be useful later. Access should match a defined purpose. That means checking what the tool can see, which databases or inboxes it can connect to, whether outputs are retained, and what audit trail exists. If a vendor cannot explain permissions, override paths, and retention in plain English, the deployment is not ready.
Decide who signs off human oversight and escalation
“Human review” is often the weakest part of the setup. A manager glances at a recommendation and clicks approve. That is not a control unless the reviewer knows what to check, has time to challenge the output, and can stop or escalate the process. Name the team owner now. Then define when a DPIA is required, when legal review is mandatory, and who gets called when the AI output conflicts with staff judgement or a complaint arrives.
What agentic AI changes for privacy teams
Agentic AI matters because it expands both autonomy and reach. A standard chatbot may answer a question. An agentic system may search files, trigger actions, call other tools, or chain tasks together. The ICO’s March 2026 report warns that this can make purpose limitation, data minimisation, accuracy, and security harder to manage at scale.
That is why privacy teams need to move past generic “AI policy” documents and into deployment controls. The strongest current reference point is still ordinary data protection practice: defined purposes, least-privilege access, documented roles, challenge routes, retention limits, and evidence that staff understand the process. Our article on AI systems and personal data is useful background if your suppliers or group companies also operate under EU GDPR expectations.
What a defensible baseline looks like before the next ICO strategy lands
- A current list of AI tools, workflows, owners, and linked data sources
- Clear trigger criteria for DPIAs, legal review, and procurement sign-off
- Named humans who can review, override, and escalate automated outputs
- Logging that shows what the tool did, what data it accessed, and who approved the result
- Contract checks covering retention, training-data claims, access scope, and support for data rights
- Staff training that explains where AI use is allowed, where it is prohibited, and when to stop and ask
That baseline will not answer every future ICO requirement. It will, however, put your organisation in a far better position when the code of practice and next strategy arrive. It also gives managers something concrete to show today if the board, the DPO, or the regulator asks how AI-enabled processing is being governed.
If your team needs to tighten the basics before AI governance gets more prescriptive, the GDPR Essentials Course is the clean starting point for staff who need the data protection rules behind these decisions.
Sources
- ICO response to government on safe AI-powered innovation, ICO, 29 May 2026
- How will regulators support safe AI-powered innovation: joint letter from DSIT and DBT, GOV.UK, 28 January 2026
- How will regulators enable safe AI-powered innovation: template letter, GOV.UK, 28 January 2026
- Data protection and privacy risks, ICO Tech Futures: Agentic AI, March 2026
- AI and biometrics strategy update – March 2026, ICO, March 2026
- Data (Use and Access) Act factsheet: UK GDPR and DPA, GOV.UK
