One year on, how has it gone? Not so good. Fewer than 2 percent of the data breaches reported have resulted in action being taken, with the maximum fine of £100,000 being handed down only once, against a local authority. When it came to private companies, only one was fined.
Currently it is very difficult for consumers to do anything other than blindly trust organisations to look after their personal details securely. Legislation, which can result in prosecution and fines, should help provide a sense of assurance when providing information to those companies who require it.
Considering there were 2,565 breaches reported in the last year, it seems that the teeth the ICO had been given might just be false ones. Is it time for clarification as to why the prosecution rates have been so low or does the ICO need some new, bigger teeth?
Guy Bunker, Jericho Forum board member