Progress around data protection and Freedom of Information outlined in ICO’s Annual Report

Christopher Graham: the Information Commissioner

Christopher Graham: the Information Commissioner

In launching the Annual Report of the Information Commissioner’s Office, Christopher Graham – the Information Commissioner – has spoken of a year that marks the progress of data protection and Freedom of Information, in turn pointing towards the strengthening of his own regulatory powers in showing how the legislation continues to develop.

During the last 12 months, the ICO has been afforded powers to compulsorily audit NHS bodies for their data handling. Across the same time frame, forcing a potential employee to make a subject access request for, by way of example, their spent criminal record has been made an offence.

In addition, a change in the law has made it easier to issue fines for those companies proven to be behind nuisance calls and texts.

It has certainly been a busy year for the ICO. The organisation received almost 180,000 online reports about such nuisance calls and texts, representing a 12% increase on last year. Most reports were related to accident claims, green energy deals, payday loans and lifestyle surveys.

To combat this problem, the ICO has undertaken more regulatory action than ever before, issuing five Civil Monetary Penalties totalling £386,000 and eight enforcement notices ordering companies to cease illegal activity.

On top of that, the ICO has successfully prosecuted ten individuals under the Data Protection Act for unlawfully obtaining or disclosing personal data. This included the case of a company director accessing Everything Everywhere’s customer databases and using the details to target people with services offered by his own business.

Real developments in the law

Publishing the ICO’s Annual Report, Christopher Graham explained: “During the last three decades, we’ve seen real developments in the laws we regulate and particularly so over the past year. Just look at the EU Court of Justice ruling on Google search results. This is a case that could never have been envisaged when the data protection law was established.”

Graham continued: “Our role throughout has been to form the responsible regulator of these laws. More than that, we work to demystify some of this legislation, making clear that data protection isn’t to be seen as a hassle or a duck-out but rather a fundamental right.”

A good example of that is the ICO’s role within the new data protection package being developed in Brussels. “We’ve been asked for our advice based on our experience regulating the existing law,” explained Graham. “We’ve also provided a sensible commentary on proceedings for interested observers. That role will continue this year in what promises to be a crucial 12 months. The reform is overdue, but it’s vital that the detail’s absolutely right on a piece of legislation that needs to work in practice and which must last.”

Freedom of Information Act: a reflection

The Information Commissioner has also reflected on the tenth anniversary of the Freedom of Information Act, which was implemented back in January 2005.

“It’s striking to see how decisions that were so hard fought in the early years have resulted in routine publication of information,” highlighted Graham. “Publication of the safety standards for different models of cars, for example, or hygiene standards in pubs and restaurants and the surgical performance records of hospital consultants. Publication is now expected and unexceptionable.”

Continuing this theme, Graham stated: “It has been the ICO’s job to help public authorities comply with requests. The ICO’s role has led to information being released that, time and time again, has delivered real benefits for the UK. Our Annual Report is our claim to be listened to in the debates around information rights. It shows the ICO knows what it’s talking about.”

The ICO’s latest Annual Report reflects on the financial year 2014-2015. Key statistics unveiled include:

*14,268: Data protection concerns received
*£1,078,500: Total Civil Monetary Penalties issued, £386,000 of which were for companies behind nuisance calls or texts
*195,431: Helpline calls answered
*11.4%: Rise in number of concerns raised about nuisance calls and texts (to 180,188)
*41: Audits conducted of data controllers (as well as 58 advisory visits to SMEs)
*1,177: Information requests responded to by the organisation
*4.9 million: Number of visits to the ICO’s website

The Annual Report can be read in full on the ICO’s website

About the Author
Brian Sims BA (Hons) Hon FSyI, Editor, Risk UK (Pro-Activ Publications) Beginning his career in professional journalism at The Builder Group in March 1992, Brian was appointed Editor of Security Management Today in November 2000 having spent eight years in engineering journalism across two titles: Building Services Journal and Light & Lighting. In 2005, Brian received the BSIA Chairman’s Award for Promoting The Security Industry and, a year later, the Skills for Security Special Award for an Outstanding Contribution to the Security Business Sector. In 2008, Brian was The Security Institute’s nomination for the Association of Security Consultants’ highly prestigious Imbert Prize and, in 2013, was a nominated finalist for the Institute's George van Schalkwyk Award. An Honorary Fellow of The Security Institute, Brian serves as a Judge for the BSIA’s Security Personnel of the Year Awards and the Securitas Good Customer Award. Between 2008 and 2014, Brian pioneered the use of digital media across the security sector, including webinars and Audio Shows. Brian’s actively involved in 50-plus security groups on LinkedIn and hosts the popular Risk UK Twitter site. Brian is a frequent speaker on the conference circuit. He has organised and chaired conference programmes for both IFSEC International and ASIS International and has been published in the national media. Brian was appointed Editor of Risk UK at Pro-Activ Publications in July 2014 and as Editor of The Paper (Pro-Activ Publications' dedicated business newspaper for security professionals) in September 2015. Brian was appointed Editor of Risk Xtra at Pro-Activ Publications in May 2018.

Related Posts