By Dave McKay | July 11, 2020
ICO Enforcements in the First Six Months of 2020
The Information Commissioner’s Office (ICO) has issued the following fines in the first half of 2020. Interestingly, two of them were against individuals, not businesses.
Two of the fines issued to businesses were for one half of a million pounds. Ouch.
Decision Technologies Limited
2nd July Price comparison and technology company fined £90,000 for a contravention of Regulation 22 of the Privacy and Electronic Communications (EC Directive) Regulations 2003.
Black Lion Marketing Ltd
27th March Black Lion Marketing Ltd fined £171,000 for making unsolicited direct marketing calls.
Nicola Young
13th March A Town Clerk at Whitchurch Town Council has been prosecuted for intentionally blocking records with the intent to prevent disclosure. An individual had made a Freedom of Information (FOI) request to the council for an audio recording of a council meeting. The requester was advised that the recording had been deleted in line with council policy. Nicola Young of Whitchurch, Shropshire had been aware of the FOI request and had deleted the recording some days later. She was fined £400, ordered to pay costs of £1,493 and a victim surcharge of £40.
Cathay Pacific
4th March Cathay Pacific Airways Limited were fined £500,000 for failing to protect the security of its customers’ personal data. Between October 2014 and May 2018 Cathay Pacific’s computer systems lacked appropriate security measures which led to customers’ personal details being exposed.
CRDNN Limited
2nd March CRDNN Limited fined with the maximum £500,000 fine for making more than 193 million automated nuisance calls.
Leo Kirk
15th January Former social worker Leo Kirk unlawfully disclosed referrals for residential or foster placements of vulnerable young people aged 16-18 years old. The referrals contained sensitive personal data including potential identifier information and vulnerability risks of the service user. He was fined £483 for the first offence with no separate penalty for offence two, he was ordered to pay costs of £364.08 and a victim surcharge of £48.
DSG Retail Ltd
9th January The Information Commissioner’s Office (ICO) has fined DSG Retail Limited (DSG) £500,000 after a ‘point of sale’ computer system was compromised as a result of a cyberattack, affecting at least 14 million people.
Source: ICO Enforcements