Another Brick from the Wall - Leadership thoughts
Jericho Forum
Subscribe to this blog
About Author
The Jericho Forum is an international group of organisations working together to define and promote the solutions surrounding the issue of de-perimeterisation. Members include top IT security officers from multi-national Fortune 500s & entrepreneurial user companies, major security vendors, government, & academics. Working together, members drive approaches and standards for a secure, collaborative online business world.
Contact Author
Email JerichoDoes the ICO have false teeth?
The Information Commissioner's Office is not being tough enough
Published 17:14, 28 April 11
It was with great fanfare that it was announced last year that the Information Commissioner’s Office (ICO) could impose fines of up to £500,000 ($830,000) for data breach events.
One year on, how has it gone? Not so good. Fewer than 2 percent of the data breaches reported have resulted in action being taken, with the maximum fine of £100,000 being handed down only once, against a local authority. When it came to private companies, only one was fined.
Currently it is very difficult for consumers to do anything other than blindly trust organisations to look after their personal details securely. Legislation, which can result in prosecution and fines, should help provide a sense of assurance when providing information to those companies who require it.
Considering there were 2,565 breaches reported in the last year, it seems that the teeth the ICO had been given might just be false ones. Is it time for clarification as to why the prosecution rates have been so low or does the ICO need some new, bigger teeth?
Guy Bunker, Jericho Forum board member
One year on, how has it gone? Not so good. Fewer than 2 percent of the data breaches reported have resulted in action being taken, with the maximum fine of £100,000 being handed down only once, against a local authority. When it came to private companies, only one was fined.
Currently it is very difficult for consumers to do anything other than blindly trust organisations to look after their personal details securely. Legislation, which can result in prosecution and fines, should help provide a sense of assurance when providing information to those companies who require it.
Considering there were 2,565 breaches reported in the last year, it seems that the teeth the ICO had been given might just be false ones. Is it time for clarification as to why the prosecution rates have been so low or does the ICO need some new, bigger teeth?
Guy Bunker, Jericho Forum board member
Print
Email
