When will someone take responsibility for these breaches?
"...data privacy watchdogs at the Information Commissioner's Office criticised the council for carelessness with personal data, and for clear violations of the Data Protection Act. Any future transgressions by the council could result in enforcement action by the ICO."
So why aren't they being prosecuted? Surely if you violate the law, you should be punished?
And the use of the word "could" seems to suggest that even if they breach the regulations AGAIN, there is no guarantee action will be taken against them.
Just because people are (perhaps naively) willing to expose their personal information on places like social networking sites, this should not be used as an excuse by either public or private bodies to avoid their obligations to protect people's personal data.
In this case, as in many others, much is made of "actions put in place to ensure it will never happen again." But what about the potential (and maybe real) consequences of such a breach?