punish the residents
OK, put aside the ins and outs of this particular case and just how many locked rooms a lappy with personal data has be stored in to satisfy this particular QANGO. Let's talk about what will happen in the future, now that we have been told the ICO are being given the power to levy fines.
In times to come they will have the right to extract money from transgressors. In the case of fining a local authority, just who gets hurt? Not the individual who's lax observance of the rules led to the lapse (well, they might get told how naughty they've been and please don't do it again, or we'll have to suspend you on full pay and send you to your room), as council workers are pretty much bullet-proof: short of causing people to die, anyway. Nor will blame be apportioned to the committees that came up with the inadequate security measures in the first place.
Given that in future those local authorities who are found guilty and fined for their shortcomings will not suffer the consequences themselves, it's hard to see what the point of punishing their tax-payers would be.
The fine will become the burden of the council-tax payers. It will reduce the council's available cash, so either they will raise council taxes to account for it, or they will reduce services to balance the budget. Given that they are not accountable to their "customers", who most councils regard as merely a source of never-ending revenue: it's difficult to see how imposing a financial penalty on an organisation who will just pass it on to the innocent, but easily-tappable residents would be any sort of deterrent.