0370 270 6000

Information Commissioner fines public and private sector alike

1 December 2010

From April this year the Information Commissioner (IC) was given new powers to serve monetary penalty notices (up to a maximum of £500,000) on data controllers for breach of the data protection principles.

Last week saw the IC exercising its new power for the first time – twice in fact, in the same week. The first (for £100,000) was issued to Hertfordshire County Council for faxing highly sensitive personal information in relation to child sex abuse cases to the wrong recipients. The second (for £60,000) was issued to employment services company A4e for the loss of an encrypted laptop containing sensitive information concerning 24,000 people.

Clearly these two cases suggest that the IC is prepared to use its power against both private and public sector organisations. The maximum of £500,000 has not been reached (even for a disclosure of very sensitive data in respect of child abuse) but I suspect it will not be long before we see a penalty up to the maximum limit.

Related opinions

Do you collect personal data from children, whether deliberately or by accident? If so you’d better read this…

If you provide goods or services online that might be of interest to children then you’re going to want to go through the ICO’s “Age Appropriate Design Code of Practice” - a code requiring minimum standards of any online service aimed (or which is likely to interest) children.

View blog

Marriott International: a look behind the ICO’s £99m fine and what this means for corporate acquisitions

Last month, the Information Commissioner’s Office (ICO) announced notice of its intention to fine (NOI) Marriott International, Inc. £99m for infringements of the GDPR.

View blog

Cyber risks – are businesses really ready?

The Hiscox Cyber Readiness report, a review of 3300 organisations, will be a stark warning for CEO’s of SME’s in the UK and in Europe.

View blog

Landlord and tenant inspections - getting the evidence right

In Rogerson v Bolsover District Council (2019) the Court of Appeal found against a local authority landlord pursuant to the Defective Premises Act 1972 following a finding of an inadequate inspection regime.

View blog

Mailing list sign up

Select which mailings you would like to receive from us.

Sign up