Security Snafus Escalate As ICO Warnings Up 48 Percent

The ICO is baring its teeth some more, but still imposing minimal fines

The Information Commissioner’s Office (ICO) sent out 48 percent more warnings over poor data protection practices in the past year.

The privacy watchdog sent out 68 warning notices for data security lapses in the 12 months up to to 30 June 2012, up from 46 the previous year, a Freedom of Information (FOI) request by IT finance provider Syscap revealed. Over that time period, the ICO has issued 15 fines worth £1.8 million, compared to £431,000 in the previous year.

“It’s clear that the ICO is starting to take a much more proactive stance in penalising data lapses, so this is something that business owners need to take very seriously,” said chief executive of Syscap Philip White.

Pandering to private firms?

“Businesses need to make sure that the correct safeguards are in place in order to secure their data, or they could be at risk of hefty fines in the near future.

“There are simple steps that businesses can take to safeguard themselves, such as encrypting files on memory sticks, or password protecting databases containing sensitive information. However, these simple steps are often overlooked, especially in busy environments such as SMEs.”

The ICO said it had no comment on the FOI request’s results.

Although the ICO has been praised for taking a tough stance on data breach offences, it has come under fire for not coming down harder on private businesses. It has only handed out a handful of fines to private firms, but a significant number to councils and NHS bodies.

The last private company to have received a monetary penalty was Welcome Financial Services (WFS), which was hit with a £150,000 fine for a data breach that saw over half a million customers’ details go missing.

Last week, Torbay Care Trust in Torquay was fined £175,000 after it accidentally published details relating to over 1000 members of staff on its website.

It remains to be seen whether Google will be handed a monetary penalty by the ICO, after the tech giant admitted it had failed to delete all of the data it collected from Wi-Fi networks through its Street View cars in 2010.

How pro-privacy are you? Test yourself with our quiz!