Daily DashboardEuropean Data Protection Digest

Expert: ICO Fines an Educational Opportunity

PRIVACY LAW—UK

November 29, 2010

There are lessons to be learned from the first fines handed out by the Information Commissioner's Office (ICO) for data breaches, ComputerWeekly reports, highlighting the ICO's recent fines of £100,000 for the Hertfordshire County Council and £60,000 on employment services firm A4e. A primary lesson here is that the ICO will punish "business-as-usual" failures, such as misdirected faxes and unencrypted devices, explains Stewart Room of Field Fisher Waterhouse. "This tells us the ICO considers encryption as a mandatory privacy-enhancing technology," he said, adding, "Punishment despite good behavior also demonstrates the ICO's policy of zero-tolerance for such low-level failings."
Full Story