This site uses cookies. By continuing to browse this site you are agreeing to our use of cookies. Find out more.X

Information commissioner says it is time to "wake up and smell the monetary penalty"

Share this article:
Two county councils fined by ICO over 'serious email errors'
Two county councils fined by ICO over 'serious email errors'

Lessons need to be learned from the Information Commissioner's Office (ICO) undertakings.

As it launches its 2011/12 annual report, information commissioner Christopher Graham said that organisations are learning "the hard way" about the consequences of mishandling people's information, and others need to learn the lessons from the ICO.

Graham said: “Over the past year the ICO has bared its teeth and has taken effective action to punish organisations many of which have shown a cavalier attitude to looking after people's personal information.

“This year we have seen some truly shocking examples, with sensitive personal information, including health records and court documents, being lost or misplaced, causing considerable distress to those concerned. This is not acceptable and today's penalty shows just how much information can be lost if organisations don't keep people's details secure.

“We hope these penalties send a clear message to both the public and private sectors that they cannot afford to fail when it comes to handling people's data correctly.”

The annual report showed that there had been a decrease by 0.3 per cent in the number of data protection complaints received by the ICO in the year 2011/12, to 12,985 complaints.

Graham said that its new powers to tackle unsolicited marketing calls and texts have now extended to issuing a monetary penalty of up to £500,000 on the worst offenders.

“We have now set up a dedicated team to enforce the Privacy and Electronic Communication Regulations and we are currently working to identify the operators responsible. The ICO has executed search warrants at a number of sites across the UK linked to companies we believe are breaking the law,” he said.

“We have also set up an online reporting mechanism on our website that allows people to report any marketing texts or calls from unidentified senders. We have received over 12,000 reports to date and we are confident that this work will help us identify those responsible.”

Figures from the annual report show a 60 per cent increase in the number of audits carried out by the ICO good practice team. It said that of the 42 organisations audited, 90 per cent felt that the process raised awareness of the importance of data protection in their organisations. The ICO is also extending its audits to cover public authorities' compliance with the Freedom of Information Act and has also introduced advisory visits to help small- and medium-sized organisations.

Speaking at the SC Magazine Total Security Conference in London, Dr Simon Rice, principal policy adviser (technology) at the ICO, said that the 19 monetary penalties issued to businesses was "19 too many" and it was "not something that the office enjoys doing and it does not represent everything that we do".

The report said that the ICO had received over 600 self-reported data protection breaches, leading to it issuing ten civil monetary penalty notices totalling £1,171,000 in this year, along with 76 undertakings.

Share this article:

SC webcasts on demand

This is how to secure data in the cloud


Exclusive video webcast & Q&A sponsored by Vormetric


As enterprises look to take advantage of the cloud, they need to understand the importance of safeguarding their confidential and sensitive data in cloud environments. With the appropriate security safeguards, such as fine-grained access policies, a move to the cloud is as, or more, secure than an on-premise data storage.


View the webcast here to find out more

More in News

Sandworm vulnerability seen targeting SCADA-based systems

Sandworm vulnerability seen targeting SCADA-based systems

Hard on the heels of the `Sandworm' spy group revealed by iSIGHT Partners earlier in the week, Trend Micro says its has spotted the zero-day vulnerability of the same name ...

Russian-speaking criminals account for £420m of card fraud annually

Russian-speaking criminals account for £420m of card fraud ...

New research claims to quantify the scale of card fraud in Russian speaking circles. And according to Group-IB's analysis over the last year, that fraud clocks in at a hefty ...

Light-based printer attack overcomes air-gapped computer security

Light-based printer attack overcomes air-gapped computer security

Multi-function printers - a route to bypass air-gapped computer security.