People are more aware of their data rights than ever before, says ICO

Watchdog issued a record £5 million in fines to organisations in 2017/18

The public has growing increasingly aware of its privacy rights over the last 12 months, according to the Information Commissioner's Office (ICO), which regulates data protection in the UK.

The data watchdog highlighted an increase in complaints and self-reported breaches, as well as a significant rise in calls from the public and organisations, as evidence that privacy and data protection matters have become more important to people.

Data protection complaints rose by 14.5% in 2017/18, according to the ICO's annual report, released this week, and it recorded a 29% rise in self-reported data breaches from organisations, from 2,447 to 3,156. Self-reporting is now mandatory under GDPR, so the number is expected to rise yet further over the course of 2018/19.

Moreover, the data regulator received almost 46,000 more calls than the previous year - an increase of 24.1% - while the number of live chats requested rose by 61.5%. Approximately two-thirds, 68%, of enquiries were from members of the public while the remainder were from organisations - with the vast majority of enquiries, 85%, concerning the DPA.

Advertisement
Advertisement - Article continues below

"This is an important time for privacy rights, with a new legal framework and increased public interest," said information commissioner Elizabeth Denham.

"Transparency and accountability must be paramount, otherwise it will be impossible to build trust in the way that personal information is obtained, used and shared online."

The ICO issued 1.29 million in fines for serious failures under the old Data Protection Act 1998 (DPA). These were issued alongside 138,000 in fines to charities for unlawfully processing personal data, and a further 80,000 penalty issued to a data broking organisation.

Breaches of the Privacy and Electronic Communications Regulations (PECR), meanwhile, saw 26 organisations fined a collective 3.28 million for nuisance calls and spam texts, altogether amounting to the greatest number, and amount, of penalties the ICO has issued in its history.

The watchdog launched 19 prosecutions in 2017/18 resulting in 18 convictions under the DPA, and issued a further six cautions. One highlight mentioned in the report was the ICO's ongoing investigation into 30 organisations, including Facebook and Cambridge Analytica, into the misuse of personal data in political campaigning.

As part of these investigations, the regulator levied a 500,000 fine against Facebook earlier in July - the maximum possible fine under the old DPA - for two breaches of the 1998 act.

Because the offences had been committed prior to 25 May, they were not adjudicated under GDPR - which carries with it a maximum fine of 20 million, or 4% of an organisation's global annual turnover (whichever is higher), for the most serious breaches.

In the lead up to the European Union's (EU's) tough new set of data laws coming into force, the ICO also offered guidance and advice to organisations racing to comply - including the set-up of a small business helpline, and the launch of a UK-wide 'Your Data Matters' awareness campaign.

"At the time of my previous annual report the office was heavily involved in preparations for the upcoming General Data Protection Regulation (GDPR), working on guidance with our EU counterparts and identifying how our own processes needed to change to take account of the GDPR," Denham continued.

"In 2017/18 this activity has upped a few gears and involved many more staff. We have produced well received guidance on the new law for organisations, and have also continued a successful change management process to ensure our internal processes and workflows are up to the demands placed upon us by GDPR."

Advertisement
Advertisement - Article continues below

Picture: Information commissioner Elizabeth Denham

Featured Resources

The IT Pro guide to Windows 10 migration

Everything you need to know for a successful transition

Download now

Managing security risk and compliance in a challenging landscape

How key technology partners grow with your organisation

Download now

Software-defined storage for dummies

Control storage costs, eliminate storage bottlenecks and solve storage management challenges

Download now

6 best practices for escaping ransomware

A complete guide to tackling ransomware attacks.

Download now
Advertisement

Recommended

Visit/strategy/28171/benefits-of-flexible-working-including-for-parents
Business strategy

Benefits of flexible working (including for parents)

3 Dec 2019
Visit/careers/29106/what-does-the-future-of-work-look-like
Careers & training

What does the future of work look like?

13 Nov 2019
Visit/mobile/28081/what-is-5g
Mobile

What is 5G and how far are we from rollout?

29 Oct 2019
Visit/strategy/28187/flexible-vs-agile-working
Business strategy

Flexible vs agile working

26 Sep 2019

Most Popular

Visit/cloud/microsoft-azure/354230/microsoft-not-amazon-is-going-to-win-the-cloud-wars
Microsoft Azure

Microsoft, not Amazon, is going to win the cloud wars

30 Nov 2019
Visit/cloud/amazon-web-services-aws/354223/what-to-expect-from-aws-reinvent-2019
Amazon Web Services (AWS)

What to expect from AWS Re:Invent 2019

29 Nov 2019
Visit/business/business-strategy/354252/huawei-takes-the-us-trade-sanctions-into-its-own-hands
Business strategy

Huawei takes the US trade sanctions into its own hands

3 Dec 2019
Visit/hardware/354237/five-signs-that-its-time-to-retire-it-kit
Sponsored

Five signs that it’s time to retire IT kit

29 Nov 2019