Expert: ICO Fines an Educational Opportunity
PRIVACY LAW—UKNovember 29, 2010
There are lessons to be learned from the first fines handed out by the Information Commissioner's Office (ICO) for data breaches, ComputerWeekly reports, highlighting the ICO's recent fines of £100,000 for the Hertfordshire County Council and £60,000 on employment services firm A4e. A primary lesson here is that the ICO will punish "business-as-usual" failures, such as misdirected faxes and unencrypted devices, explains Stewart Room of Field Fisher Waterhouse. "This tells us the ICO considers encryption as a mandatory privacy-enhancing technology," he said, adding, "Punishment despite good behavior also demonstrates the ICO's policy of zero-tolerance for such low-level failings."