Half a million pound fines for serious breaches of data protection
12 January 2010
The Information Commissioner will soon be able to impose a penalty of up to £500,000 on data controllers who seriously contravene data protection principles.
Today, the government has published its response to the public consultation 'Civil Monetary Penalties - Setting the maximum penalty' and has laid new regulations before Parliament to bring these penalties into force.
'Civil Monetary Penalties - Setting the maximum penalty' asked for views on whether new fines of up to half a million pounds would provide the Information Commissioner's Office (ICO) with a proportionate sanction to impose on those who either deliberately or knowingly seriously contravene the data protection principles. The government's response to the consultation, also published today, indicates that a majority of respondents supported the government's proposal to set a maximum penalty of £500,000.
The civil monetary framework regulations, laid today, provide the legislative structure to bring the Information Commissioner's power to serve these penalty notices into force.
Justice Minister, Michael Wills, said:
'Civil Monetary Penalties of up to half a million pounds will ensure that the Information Commissioner is able to impose robust sanctions on those who commit serious contraventions of the data protection principles.
'Most data controllers do comply with the principles but since misuse of even small amounts of personal data can have very serious consequences, it is vital that we do all that we can to prevent non-compliance. Penalties of up to £500,000 will act as a strong deterrent.'
Depending on Parliamentary approval, Civil Monetary Penalties will come into force on 6 April 2010.
Civil monetary penalties - setting the maximum penalty - Ministry of Justice
12 January 2010
The Information Commissioner will soon be able to impose a penalty of up to £500,000 on data controllers who seriously contravene data protection principles.
Today, the government has published its response to the public consultation 'Civil Monetary Penalties - Setting the maximum penalty' and has laid new regulations before Parliament to bring these penalties into force.
'Civil Monetary Penalties - Setting the maximum penalty' asked for views on whether new fines of up to half a million pounds would provide the Information Commissioner's Office (ICO) with a proportionate sanction to impose on those who either deliberately or knowingly seriously contravene the data protection principles. The government's response to the consultation, also published today, indicates that a majority of respondents supported the government's proposal to set a maximum penalty of £500,000.
The civil monetary framework regulations, laid today, provide the legislative structure to bring the Information Commissioner's power to serve these penalty notices into force.
Justice Minister, Michael Wills, said:
'Civil Monetary Penalties of up to half a million pounds will ensure that the Information Commissioner is able to impose robust sanctions on those who commit serious contraventions of the data protection principles.
'Most data controllers do comply with the principles but since misuse of even small amounts of personal data can have very serious consequences, it is vital that we do all that we can to prevent non-compliance. Penalties of up to £500,000 will act as a strong deterrent.'
Depending on Parliamentary approval, Civil Monetary Penalties will come into force on 6 April 2010.
Civil monetary penalties - setting the maximum penalty - Ministry of Justice