PLC Public Sector reports:
Recent reports suggest that the Information Commissioner’s Office (ICO) has stated that the wider powers to fine those who knowingly or recklessly abuse the data protection principles will come into force in April 2010.
If true (nothing is mentioned on the ICO’s website), this is interesting for two reasons.
Firstly, and most importantly, a review of the last 18 months shows an alarmingly long list of public sector bodies losing data. The list of “offenders” includes central government departments, local authorities and NHS Trusts; no-one has been immune. A number of these incidents can properly be deemed to fall into the “reckless” category. If the wider powers do come into force, then instances such as these may attract fines in the very near future.
Secondly, this is a strange way for information such as this to come into the public domain. Until we hear something official from the Ministry of Justice (MoJ), or see some enabling legislation published by the Office of Public Sector Information (OPSI), we cannot assume these powers will come into force in April 2010 as promised. What is interesting is whether this is a misunderstanding between the MoJ and the ICO about the timing of the announcement, or does it hint at tension between the ICO and the Government over the introduction of these powers, with the ICO now seeking to apply pressure? The only other possibility is that this is an unauthorised leak, but surely this can be ruled out on the basis that the ICO would not be so careless with its information!
PLC Public Sector will continue to monitor the situation and report on any further developments.