He's full of crap
All bark and no bite. When the anti-spam regulations came into force a few years back, their reaction to formal complaints was to offer a listwashing service to spammers.
The data protection watchdog has strongly urged an incoming Tory government to quickly bring in jail sentences for data thieves, after the current government reneged on the idea. Christopher Graham, the Information Commissioner, campaigned last year for custodial powers already on the statute books under the Data Protection …
"there has been remarkable reluctance by ministers."
There's been 'remarkable reluctance' by the ICO to use what powers they already have to act against corporate criminals who refuse to register under the DPA / fail to process data fairly or lawfully / maliciously abuse private/confidential communication traffic.
If you're looking for remarkable failure, Chris Graham, you could start here;
http://www.ico.gov.uk/about_us.aspx
As it stands, the only people who can expect to attract the marshmallow like wrath of ICO are the data controller and the tea leaves. People who subsequently obtain data that has been leaked or stolen and then make use of it - the Graun publishing the BNP membership list, HMRC rifling through stolen bank records, etc - get away scot free.
Receiving personal data that aint yours should also be an offence, and one of strict liability, IMHO. Public interest exemptions for scumbag expense fiddlers, obviously, as there are in the current legislation.