Still not enough teeth

The ICO should be able to fine, and jail, for large personal data losses, for breaches of insecure systems, for data mining without the informed consent of the data subject and for failing to notify data subjects that their personal details have been comprimised.

The UK needs to get serious about data protection.

Mr Bueller's Ferrari

The power to fine is obviously sensible, but all this handwringing that the ICO is totally powerless is total rubbish. The ICO already has quite a number of powers from polite information notices all the way to criminal prosecutions and search and entry powers. He can already obtain a search warrant not only where he suspects a criminal offence but also if he just think the DPA might not be being followed. The Police don't even have such a wide search power. However much like the item in the title these powers have sat in a garage in cheshire never to be actually put to use. The biggest issue is the ICO's reticence to act, not the legal framework, lets hope the new ICO does better.

I wonder...

...if the government is delaying this to ensure it won't get fined every day for data breaches? On second thoughts Nah, it'll never happen.

It always worries me when I hear the term 'Ministry of Justice', sounds a bit too much like something from Citizen Kane (feel free to substitiue different film/programme title - there's so many to choose from), it always instills a feeling of a Police State where Good Citizens Have Nothing To Fear. (Friend Citizen tell me about your neighbor...)

Oh, silly me, it's already here.

Whoop

All the power he has yet he still doesn't stand up for normal people or actually make a difference to the safety of information

Just look at the phorm debacle to show his thought processes.

Working with the DPA day to day, I can see fundamental flaws in the law and the way it is carried out, fines are not going to change anything.

Anon because my boss might be reading this.

What's the point?

Great idea. Fines and all that. What can I say, hurray. In a sort of muted way.

The ICO Data Protection staff claimed they were 'not techical experts' when confronted with Phorm. They didn't even use the enforcement powers they *already had*. Spinvox, no action there either.

So big stick. Still no clue how to hit people with it. Possibly even a danger to themselves now.

Before fines will be an effective measure we need the ICO Data Protection staff replaced - as a whole - by people who comprehend basic IT (never mind complex IT). And people who serve the public they are supposed to protect, instead of commercial interests.

The ICO Data Protection function is - currently - a pointless waste of tax, fresh air, energy, and office space.

(Welcome Mat, because it welcomes capable new comers, and softens the step of people who really should be leaving).