ICO fines less than one per cent of DPA breaches

Despite having the power to punish organisations who flout data protection laws, the ICO hands out fines to less than one per cent.

The Information Commissioner's Office (ICO) fines less than one per cent of organisations breaching the Data Protection Act (DPA).

This was the finding of a freedom of information (FoI) request put forward by encryption firm ViaSat. It discovered only 36 out of 2,565 data breaches were acted on by the ICO and just four cases resulted in monetary fines.

The ICO has had the power to fine organisations up to 500,000 for breaching the DPA since April last year, but the total brought in so far has only reached 310,000.

When IT PRO spoke to the ICO this morning, it claimed there was "certain criteria" necessary to impose monetary penalties and they were only enforced for "the most serious breaches causing serious distress."

A spokesperson said: "Our focus as a regulator is on getting bodies to comply with the [DPA]. This isn't always best achieved by issuing organisations or businesses with monetary penalties."

"The action we will take depends entirely on the details of each individual case. The existence of civil monetary penalties has had a markedly beneficial effect on compliance generally. The big stick is there, but doesn't need to be deployed all the time to have an effect."

However, Chris McIntosh, chief executive (CEO) of ViaSat, doubted this theory.

"The ICO has stated that the embarrassment and poor image of a fine will act as a deterrent and an incentive to improve an organisation's grasp of the data protection act. However, if fines are rare and well below the maximum allowed limit, their value as a deterrent drops," he said.

"Organisations will view the rarity of a fine and the associated negative publicity the same way they have viewed the threat of a data breach itself: an event that only happens to other people."

Featured Resources

How to be an MSP: Seven steps to success

Building your business from the ground up

Download now

The smart buyer’s guide to flash

Find out whether flash storage is right for your business

Download now

How MSPs build outperforming sales teams

The definitive guide to sales

Download now

The business guide to ransomware

Everything you need to know to keep your company afloat

Download now

Recommended

Cyber attacks on manufacturing up 300% in a year
Security

Cyber attacks on manufacturing up 300% in a year

11 May 2021
US fuel pipeline hackers reveal their motive
ransomware

US fuel pipeline hackers reveal their motive

11 May 2021
Trend Micro and Snyk team up to combat open source flaws
vulnerability

Trend Micro and Snyk team up to combat open source flaws

10 May 2021
Virtual desktops and apps for dummies
Whitepaper

Virtual desktops and apps for dummies

10 May 2021

Most Popular

KPMG offers staff 'four-day fortnight' in hybrid work plans
flexible working

KPMG offers staff 'four-day fortnight' in hybrid work plans

6 May 2021
16 ways to speed up your laptop
Laptops

16 ways to speed up your laptop

29 Apr 2021
How to move Windows 10 from your old hard drive to SSD
operating systems

How to move Windows 10 from your old hard drive to SSD

30 Apr 2021