Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

Small ICO Fines On Councils Inappropriate

Sophos : 09 February, 2011  (Technical Article)
Sophos comments on the recent fines on two British Councils for data breaches which are small compared to the levels of fines that the Information Commissioner's Office has at its disposal
IT security and control firm Sophos has commented on the news that the ICO has fined Ealing and Hounslow councils £80,000 and £70,000 respectively for breaching the Data Protection Act.  Ealing Council lost the personal information of almost 1,000 clients and Hounslow Council lost 700 clients’ details when two council-issued laptops were stolen from an employee’s home and the sensitive information was only password protected.



“These are pretty embarrassing mistakes for the two councils involved,” commented Graeme Stewart, Sophos’s Business Development Director for UK Public Sector.  “However, £80k and £70k are hardly punitive damages. It seems that, given the maximum possible fine is £500k, the ICO is attempting to be proportionate and give himself wiggle-room for the future. So it’s tough to blame the ICO, but it’s not tough to blame those that gave him these powers.”



“As these sums of money act more like a slap on the wrist, the real question has to be about disciplinary action, internal remedy and procedural changes within these authorities.  Rather than just shuffling the sum of these fines back to the Ministry of Justice, wouldn’t it be far more beneficial if this money was spent on finding a proper remedy – user education, remedial action for those whose privacy has been breached, or legal training for people who aren’t lawyers within the authority to explain what the legislation says and means?”



“I applaud the fine for it sentiments – it is not appropriate to treat client information in such a slapdash manner.  But nor is it appropriate for the fine to be so pathetically small.  Three councils fined in so many months for a sum total less than it costs to put a proportionately secure working environment in place is not a deterrent, it’s a mild rebuke. And if fines are not a deterrent, what’s the point of them in the first place?”
Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo