Ministry of Justice
 Printable version
|
 E-mail this to a friend
|
Half a million pound fines for serious breaches of data protection
The Information Commissioner will soon be able to impose a penalty of up to £500,000 on data controllers who seriously contravene data protection principles.
Today, the government has published its response to the public consultation 'Civil Monetary Penalties - Setting the maximum penalty' and has laid new regulations before Parliament to bring these penalties into force.
'Civil Monetary Penalties - Setting the maximum penalty' asked for views on whether new fines of up to half a million pounds would provide the Information Commissioner's Office (ICO) with a proportionate sanction to impose on those who either deliberately or knowingly seriously contravene the data protection principles. The government's response to the consultation, also published today, indicates that a majority of respondents supported the government's proposal to set a maximum penalty of £500,000.
The civil monetary framework regulations, laid today, provide the legislative structure to bring the Information Commissioner's power to serve these penalty notices into force.
Justice Minister, Michael Wills, said:
'Civil Monetary Penalties of up to half a million pounds will ensure that the Information Commissioner is able to impose robust sanctions on those who commit serious contraventions of the data protection principles.
'Most data controllers do comply with the principles but since misuse of even small amounts of personal data can have very serious consequences, it is vital that we do all that we can to prevent non-compliance. Penalties of up to £500,000 will act as a strong deterrent.'
Depending on Parliamentary approval, Civil Monetary Penalties will come into force on 6 April 2010.
Notes to editors
- The public responses show that the majority of the respondents supported the proposal to set the maximum penalty at £500,000 for those who either deliberatively or knowingly seriously contravene the data protection principles. Of the 52 responses received, 27 agreed that £500,000 was the correct maximum level, 8 thought it should be higher, 9 thought there should be a lower level, and 8 did not reply directly to the question.
- Two Statutory Instruments (SIs) have today been laid before Parliament to provide for the legislative framework necessary to bring the Information Commissioner's power to serve a monetary penalty notice into force.
