ICO to scale back fines for public bodies

06 July 2022

The Information Commissioner's Office (ICO) is to scale back fines for public bodies after admitting that users of services often suffer the consequences of the financial punishments imposed.

Although the UK's data watchdog said it will continue to issue fines for the most serious cases of data breaches in the public sector, it will use other powers within its remit such as warnings, reprimands and enforcement notices.

“Fines do not impact shareholders or individual directors in the same way as they do in the private sector but come directly from the budget for the provision of services,” information commissioner John Edwards, wrote in an open letter.

The largest ever fine imposed by the ICO was a £20m punishment for British Airways following a hack of customer data in 2018. Other examples of ICO public sector punishments include a £500,000 fine imposed on the Cabinet Office December 2021 after the postal addresses of the 2020 New Year honours recipients were disclosed online.