Re: ''more "pro-innovation" regime.''
Denham was not a privacy crusader at all and after the 2018 revision of the DPA, her office did in fact have the powers it has been 'asking' for for so long. She just chose never to enforce them for ... reasons (insert appropriate justification here later).
For example, look up how many public sector organisations *have ever* received enforcement action for breaches of the DPA 2018 or DPA 1998 (I'll give you a clue - it's a nice round number!)
I personally complained a number of times, with evidence that organisations were in material breach of the DPA2018 (and not just trivial breaches, but very serious ones affecting multiple individuals), but the ICO in her infinite wisdom never took any action, citing that the ICO only takes action on the back of 'intelligence led' investigations. Of course, 99% of investigations are concluded with "insufficient evidence" (even when there is) or "no action taken". Hmmm.
In addition, I found that decisions between the ICO and alleged breaching organisations were decided without paper trails (verbally in off-the-record telephone meetings), meaning that not only were the reasons for a decision (which was inevitably 'take no action') not available, there was absolutely no scrutiny of how they were reached. Wine and cheese hampers or £3,000 chocolates in the mail perhaps?
Top this all off, of the mutiple public breaches that the ICO did actually investigate (when there was an interesting media angle to them), no conclusion was reached (still waiting for my Equifax, Google/Cambeidge Analytica, IAG payouts - any day now, right?). The only companies they seem to actually fine are the SMEs that are already technically bankrupt so will not pay the fine anyway.
The ICO has turned into a chocolate fireguard because it's always easier to ensure your future role by allowing a degree of non-compliance. They are not set up to police the DPA, so don't. But here's the rub - many years ago they did police it and people did get legal remedy from them. I did with the ICO's help in the late 1990s - from Equifax of all people!
Biting the hand that feeds IT
