As regular readers of this blog already know, the ICO has issued fines over data protection breaches precisely four times since he acquired the authority to do so, despite public clamor for him to really get tough. Now Caroline Donnelly reports:
… In total, information concerning 2,565 potential data breaches was passed on to the ICO between 6 April 2010 and 22 March 2011, with action taken in 37 cases.
Chris McIntosh, chief executive of ViaSat, blasted the ICO, claiming that its inaction is doing nothing to encourage end users to tighten up their data protection strategies.
[…]
The vendor has also taken issue with the discrepancy between the number of breaches reported and acted upon within the private and public sectors.
Further findings from ViaSat’s FOI request revealed that the number of reported data breaches involving private sector firms is three times higher than in the public sector.
Despite this, the ICO has taken action against seven private sector firms and 30 public sector ones, with three of those resulting in financial penalties.
McIntosh added: “The ICO has stated that the private sector has a worse grasp of the Data Protection Act than the public, [but] its actions so far do not seem to encourage any improvement.
Read more on CRN.
The ICO has defended his decision-making (see PublicService.co.uk).