ICO To Crack Down On Rule Breakers In 2012

ICO says austerity is no excuse for flaunting its rules and warns companies not to cut corners in 2012

The ICO has said that there is no doubt that it is gearing up to defend information rights in 2012.

In a blog post, Information Commissioner Christopher Graham said that 2012 would see the ICO continue speak up against violations in data protection legislation, and warned that in the “cold climate of austerity” companies may be tempted to take shortcuts.

Don’t even try it

“It’s in the tough times that we most need to defend the rights of the individual against abuse of power by organisations, both public and private. And information rights are under pressure right now – a victim primarily of the economic climate,” he said.

“Businesses under pressure in the downturn must be tempted to cut corners and push boundaries. That’s a bad call, since the first casualty of a big data breach is going to be a brand’s reputation. Consumers will abandon companies that disrespect their privacy. (And that’s leaving aside the ICO’s power to levy a civil monetary penalty of up to £500,000 for serious breaches of the data protection principles),” he warned.

He lamented that data protection and freedom of information are relegated to back-office functions earmarked for culling in tough times, particularly since those who are tasked with dealing with these issues are under growing pressure to reduce resourcing while having to deal with increasing demands for information.

“The danger is that rights are seen as nice to have in the good times, but a bureaucratic inconvenience when times are hard,” added Graham.

The Freedom of Information Act has been in place for seven years, according to the post, and regardless of those still mourning the loss of private government, the law needed to be properly applied and the “dynamic possibilities of greater openness” embraced.

Graham admitted that post-legislative scrutiny reveals opportunities for doing things better, but that the Act already had provisions for exemptions for necessary confidentiality and for handling “vexatious requests”.