This site uses cookies. By continuing to browse this site you are agreeing to our use of cookies. Find out more.X

ICO nears £2 million in issued monetary penalties

Share this article:
Two county councils fined by ICO over 'serious email errors'
Two county councils fined by ICO over 'serious email errors'

As the Information Commissioner's Office (ICO) nears £2 million in issued monetary penalties, its head has admitted that there ‘is an underlying problem with data protection in local government'.

Reflecting on 2012 and two and a half years since it was given the power to issue monetary penalties, information commissioner Christopher Graham said that nineteen councils failing to have the most straightforward of procedures in place shows that ‘there is an underlying problem with data protection in local government'.

He said: “It would be far too easy to consider these breaches as simple human error. The reality is that they are caused by councils treating sensitive personal data in the same routine way they would deal with more general correspondence.

“Far too often in these cases, the councils do not appear to have acknowledged that the data they are handling is about real people, and often the more vulnerable members of society.

“The distress that these incidents would have caused to the people involved is obvious. The penalties we have issued will be of little solace to them, but we do hope it will stop other people having to endure similar distress by sending out a clear message that this type of approach to personal data will not be tolerated.”

Graham said that it will be meeting with stakeholders from across the sector to discuss how the ICO can support them in addressing those problems.

Speaking to SC Magazine earlier this year, Graham said that one problem with local authorities, councils and government is that staff are dealing with personal information which is often sensitive; and that staff have to be made aware that they are dealing with people and not just numbers.

At the SC Magazine Total Security Conference in the summer, the ICO's principal policy adviser (technology) Dr Simon Rice, said that the 19 monetary penalties issued to businesses was ‘19 too many' and issuing finest was ‘not something that the office enjoys doing and it does not represent everything that we do'.

Also at the Gartner Security and Risk Management Summit, David Smith, deputy commissioner and director for data protection at the ICO, said that it was pressing for ‘power of custodial sentence', primarily for sentences that were 'punishing for not doing things properly'.

Asked if there was a timeline for custodial sentences to be introduced, Smith said there was not but said it was something the ICO had been pressing for a long time. “The government have resisted for several reasons, such as they do not believe in creating more and more crimes that can carry prison sentences, also Leveson is looking at this following the actions of journalists, so let's wait for his report,” he said.

The ICO also said that it is pressing the Ministry of Justice for stronger powers to audit local councils' data protection compliance, if necessary without consent. The same powers are sought for NHS bodies across the UK following a series of data protection breaches in the health sector.

Share this article:

SC webcasts on demand

This is how to secure data in the cloud


Exclusive video webcast & Q&A sponsored by Vormetric


As enterprises look to take advantage of the cloud, they need to understand the importance of safeguarding their confidential and sensitive data in cloud environments. With the appropriate security safeguards, such as fine-grained access policies, a move to the cloud is as, or more, secure than an on-premise data storage.


View the webcast here to find out more

More in News

Password recovery made too easy

Password recovery made too easy

A senior malware analyst has slammed the availability of a `password recovery' utility from Freehostia, noting that the software actually uses network admin utilities to take credentials from the users' ...

Belgacom says alleged GCHQ APT attack cost firm £12 million

Belgacom says alleged GCHQ APT attack cost firm ...

One year on from a nation-state APT which 124 systems at telecom operator Belgacom and the firm has detailed the cost and manpower involved in the clean-up operation.

CryptoWall compromises 40,000 UK citizens

CryptoWall compromises 40,000 UK citizens

Research just published claims to show that ransomware - in the shape of CryptoWall - is still generating healthy volumes of income for the cyber-criminals behind the code.