DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

UK: Axway provides statistics on complaints to the ICO

Posted on April 29, 2012 by Dissent

Axway issued a press release with some interesting statistics on complaints made to the Information Commissioner Office (ICO). They obtained the data under Freedom of Information requests.

Here are some of the statistics they compiled:

  • Since April 2010, 35%  of complaints to the ICO  involved disclosure of personal data and security breaches. This year alone,  the ICO received 1,002 complaints that raised concerns over the disclosure of personal data or breaches of the DPA  –  an average of eight a day.
  • Since its inception, the ICO has received 26,227 data protection complaints that resulted in serving 14 monetary penalties, equating to a mere £1,171,000 in total fines.

Of course, the ICO didn’t have the authority to impose fines until 2008, but there’s still a significantly low fine:incident ratio.  Here’s a breakdown of complaints by year:

2010

  • 10,598 complaints made in relation to breaching DPA
  • 1,722 complaints made related to disclosure of data
  • 657 complaints related to security
  • 3,781 companies were specifically complained about, with financial organisations and government bodies heralding amongst in the top 10 worst offenders

2011

  • 10,074 total complaints requesting assessment under the DPA
  • 1,834 complaints related to disclosure of private data
  • 620 complaints involved security breaches
  • 4,036 companies were specifically complained about for alleged breaches of DPA

2012 To-date

  • 771 complaints about a breach of the DPA raising concerns over personal data
  • 231 complaints concerning security of personal data

If one extrapolates from the partial 2012 data, it looks like 2012 may see more complaints about personal data and security breaches than either of the previous two years.

The table below, provided by Axway, provides an analysis by sector for 2010 v. 2011. They note, ” Interestingly, with the exception of debt collectors making last year’s Top 10 DPA Worst Offender League Table, (which is probably a symptom of the current economic climate), financial lenders and government continue to take the top spots year on year:”

Top 10 DPA Sector Worst Offenders League Table
Ranking 2010 No. of complaints Ranking 2011 No. of complaints
1 Lenders 1,851 1 Lenders 1,505
2 Local Government 1,012 2 Local Government 1,068
3 General business 876 3 General business 1,053
4 Health 825 4 Health 941
5 Central Government 756 5 Central Government 662
6 Policing 665 6 Policing 482
7 Telecoms 512 7 Telecoms 428
8 Education 339 8 Education 361
9 Insurance 304 9 Insurance 334
10 Internet 299 10 Debt Collectors 309

 

You might think with data such as these that the ICO would start handing out some steep fines to the financial sector as a possible deterrent, but while the ICO has handed out a number of fines to local councils, it has not really gone after the financial sector, raising the question, why?

Category: Commentaries and AnalysesNon-U.S.Of Note

Post navigation

← Ca: Pharmacists lose injunction bid to stop Zellers selling patient info
Theft of personal documents in Fort Worth led to two-year crime spree →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Almost one year later, U.S. Dermatology Partners is still not being very transparent about their 2024 breach
  • Oklahoma Expands its Security Breach Notification Law
  • Ransomware group Gunra claims to have exfiltrated 450 million patient records from American Hospital Dubai.
  • North Shore University Sleep Disorders Center employee charged with secretly recording patients in restrooms
  • When ransomware listings create confusion as to who the victim was
  • Rajkot civic body’s GIS website hit by cyber attack, over 400 GB data feared stolen
  • Taiwan’s BitoPro hit by NT$345 million cryptocurrency hack
  • Texas gastroenterology and surgical practice victim of ransomware attack
  • Romanian Citizen Pleads Guilty to ‘Swatting’ Numerous Members of Congress, Churches, and Former U.S. President
  • North Dakota Enacts Financial Data Security and Data Breach Notification Requirements

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Florida ban on kids using social media likely unconstitutional, judge rules
  • State Data Minimization Laws Spark Compliance Uncertainty
  • Supreme Court Agrees to Clarify Emergency Situations Where Police Don’t Need Warrant
  • Stewart Baker vs. Orin Kerr on “The Digital Fourth Amendment”
  • Fears Grow Over ICE’s Reach Into Schools
  • Resource: HoganLovells Asia-Pacific Data, Privacy and Cybersecurity Guide 2025
  • She Got an Abortion. So A Texas Cop Used 83,000 Cameras to Track Her Down.

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.