Reply to post: Re: It was a commercial company that screwed up...

Racing Post escapes ICO fine after leaking info of 677K punters

The BigYin

Re: It was a commercial company that screwed up...

Indeed, just like banking. Can't interrupt criminals at work.

Why there isn't a flat fee per individual I don't know.

Non-identifying info - £1 per record

Communication info [cyber] - £2 per address

Communication info [real] - £5 per number

Identifying info [minor] - £10 per record (e.g. name and city - probably not enough to be truly unique)

Identifying info [reversible] - £50 per record (e.g. when combined with another readily available dataset, it become trivial to uniquely identify a person; name, postcode, d.o.b)

Identifying info [full] - £100 per record (without reference to any other dataset, it is possible to uniquely identify someone)

Add in some other entries for financial etc and you can simply calculate a fine, which could well be ruinous even for a small breach (e.g. "Racing Post" could have been on to a £6.7million pound fine). AND THAT'S A GOOD THING!

Why?

Well, it will make companies seriously consider if they need to collect that information at all; rather than just doing the data-rape land-grab they do now.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019