Also, Public Sector = funded by the Taxpayer, so who are the ICO really punishing there? I'm not saying let the public sector off, but maybe a little consideration for the people who are really getting hit when someone else leaves a laptop or USB stick on the train...
Although there is sovereign immunity in some cases, the public sector doesn't have blanket immunity from legislation. Especially non-UK legislation, ie complying with EU Directives where the EU can fine the UK for breaches or non-compliance. Otherwise, it can be a bit of circular accounting. So ICO fines PSO and fines go to the Treasury. If the ICO keeps the money, that could create fun. Depending on the breach though, PSOs could potentially sue suppliers to recover costs I guess.
Biting the hand that feeds IT
