Privacy watchdog ICO slashes its fines in half The total value of fines issued by the UK Information Commissioner's Office has halved compared with last year – despite the watchdog receiving roughly the same number of complaints about data protection. In 2014/15, the ICO issued £1.1m in so-called civil monetary penalties, £386,000 of which were for companies behind …
The real reason fines have halved is that the ICO is terrified of issuing serious penalties against private sector offenders. There are less local government/NHS bodies being sanctioned now, and they were the only one ones the ICO was comfortable hitting with big numbers.
True. Jail time and/or loss of job and income for the high-ups in the guilty organisations is the only deterrent.
Failing that, how about the ICO investigate each complaint and, when proven to their satisfaction, publish the full details for all of us to see - exposing the guilty as thoroughly as possible?
So what happened to fining public bodies for breaches to force them to change their outlook on privacy?
I've attended conferences where the ICO rep stated categorically that fining bodies that breached Data Protection rules was the only way to change their outlook.
Why is it okay to heavily fine hospitals for breaches, but try not to hurt commercial organisations? This stance reeks of corruption.
Perhaps if the private companies were involved in life saving operations or treating the sick the ICO might take a hard line approach with them.
The ICO seems to be staffed by a corrupt bunch of incompetents. Time for the lot of them to be sacked and replaced by people with some integrity.
"Why is it okay to heavily fine hospitals for breaches, but try not to hurt commercial organisations? This stance reeks of corruption."
Govt. have promised not to reduce NHS budgets but have invented a way to claw it back. Budget reduction by the back door.
"Jail time and/or loss of job and income for the high-ups in the guilty organisations is the only deterrent."
It would be interesting to see what the threat of a company/org and its principals being banned from handling personal data or inciting others to do so might achieve.
Kind of like company director bans, but in different areas.
Once the first ICO does some serious time the rest of them will start paying attention.
After all it's not the UK has any problem putting people in jail with, IIRC, proportionately the highest number of people in prison of any country in (at least) Western Europe.
Except the last attempt to get this activated (I believe it's in the relevant legislation) failed because, once again, the Home Secretary was clueless ar***ole irresolute.
Of course it's not, because the people at the top who are responsible for company policies don't give a damn.
It's not going to affect them, they're still going to get their salaries and bonuses, the company might declare a slightly smaller dividend, but that's just a pin-prick to a big multi-national and whilst the users whose privacy was compromised might complain, they have no power to do anything because the big shareholders don't care either.
If the ICO actually started fining individuals or, even better, putting them in prison, THEN we might actually see some action being taken.
But until that point, the executives will still be laughing all the way to the bank.
I've been getting robo-calls from PPI-scum since April. Reported dutifully to the ICO (something like 30 reports). AND THEY did react, as recently I've been getting those robo-calls from a different phone number. And they've changed the message ever so slightly! So stop telling me ICO are useless! For all those ££££ paid to them in wages, bonuses, etc, since April at least - they have actually forced the scammers to act! Call it what you want, I call it a value for money, no less!
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
