She did not act in a singularly uninformed manner
Not a lawyer, but I thought it was routine for amicus submissions in support of a party to a legal case to reflect / interpret / support the pleadings of that party, without necessarily having access to the other parties' brief (especially if it's submitted during the discovery process)? Amicus submissions are not supposed to be an all-encompassing interpretation of the case (teaching the judges to suck eggs), but part of the evidence to be considered. You don't need to see all the other evidence to say, "this is our interpretation of how the laws on privacy breaches and liability between corporations and employees should be applied in general". It's not corrupt behaviour for interested parties with relevant knowledge or expertise, including government departments, to make submissions in legal cases.
Not seeing the problem if the ICO's policy position is that corporations are not automatically vicarously liable for employee law breaking (unless some negligence or malpractice is proven). It's up to the court to synthesise a ruling from all the evidence and they're free to discount the ICO's submission (which it seems they did).
It is disingenous for the article to imply that Morrison's are true opponents of the victims of the breach here; I think Morrisons would be argulng that they are (indirectly and reputation-wise) the victims, too. Again, unless there was some gross negligence on their part. And as others have said, if it's Morrison's fault, why not KPMG's?