Re: So why not...
"They just don't use the damn thing."
The problem is that they probably can't.
The ICO's "fines" are only administrative penalties, not fines as sentences, as breaches of the DPA are not criminal offences (which is why they don't go to court).
Were it possible, the DPA should be brought under the umbrella of criminal law. If someone fraudulently extracts money from your credit card account, that's a criminal act. If someone facilitates the fraud, that's also a criminal act. But if a business carelessly leaks your credit card details to a fraudster, under the DPA that's not a criminal act.
Bizarre, isn't it.