Information Commissioner's Office
Blog: Show you mean business by paying the Data Protection Fee
Paul Arnold, ICO Deputy Chief Executive explains to small businesses why they need to pay the data protection fee.
Businesses that process personal data have to pay a fee to the data protection regulator, the Information Commissioner’s Office.
It’s the law to pay the fee, which funds the ICO’s work, but it also makes good business sense. Because whether or not you’ve paid the fee could have an impact on your reputation.
When you’ve paid, your business is published on our register of data controllers. Members of the public and other companies check that list before they decide to do business.
We speak to thousands of people and organisations every week and it’s clear that being on the register tells others a lot about you.
It’s a strong message for your customers – it lets them know that you value and care about their information and that you’re more likely to keep it secure and not share it inappropriately.
It also lets other organisations know that you run a tight ship and that you’re aware of your data protection obligations. It indicates that you’re more likely to take your other data protection responsibilities seriously too. It’s a reassurance for those thinking of doing business with you.
For most organisations, the fee is either £40 or £60 a year depending on your turnover and how many people you employ.
If you’re not sure whether you need to pay, you can check here.
There’s another good business reason to pay too. If you need to pay and don’t you will be fined. Fines range from £400 to £4,000 and since May, when the current law came into effect, we’ve issued 103 penalty notices to companies for failing to pay.
We publish a summary of this enforcement action which we will be sharing regularly through social media and in our e-newsletter. This will include publishing the names of organisations we fine on our website.
Paying the data protection fee is important because it funds our work providing advice and guidance about how to comply with the law. Things like our online guidance, our telephone helpline and our digital toolkits.
Fines do not fund the ICO. They are paid to HM Treasury.
We know that time is money, especially for a one-person business or a small organisation, so we’ve made it as easy as possible to pay. You can do this online and it only takes 15 minutes to complete the process.
If it avoids you paying a fine and protects your reputation, we think that is time well-spent.
Paul Arnold, Deputy Chief Executive Officer/Executive Officer is responsible for the ICO's internal support and compliance functions as well as our high volume customer services. Paul leads departments responsible for IT, Information Governance, Business Development and Change Management, Organisation Development and Customer Contact.
Latest News from
Information Commissioner's Office
Blog: The Data Protection Fee: does your company need to pay?04/12/2019 10:10:10
Blog posted by: Paul Arnold, Deputy Chief Executive Officer/Executive Officer, 03 December 2019.
Blog: ICO and The Alan Turing Institute open consultation on first piece of AI guidance03/12/2019 09:10:00
A blog aimed at data scientists, app developers, business owners, CEOs or data protection practitioners, whose organisations are using, or thinking about using, artificial intelligence (AI) to support, or to make, decisions about individuals, by Simon McDougall, Executive Director Technology and Innovation (02 December 2019).
ICO Deputy Commissioner appointed OECD working party chair28/11/2019 09:10:00
The ICO’s Steve Wood has been appointed as chair of the OECD’s Working Party on Data Governance and Privacy.
ICO submits Age Appropriate Design Code of Practice to government22/11/2019 15:25:00
The Information Commissioner has today (Friday 22 November) submitted the final version of the Age Appropriate Design Code of Practice to the Secretary of State in accordance with the statutory deadline.
Blog: Data ethics and the digital economy19/11/2019 09:10:00
Blog posted by: Simon McDougall, Executive Director – Technology Policy and Innovation, ICO, 18 November 2019.
Blog: Why special category personal data needs to be handled even more carefully15/11/2019 09:10:00
Blog posted by: Ian Hulme, Director for Regulatory Assurance, 14 November 2019.
ICO call for views on the application for powers under the Proceeds of Crime Act11/11/2019 09:10:00
The Information Commissioner invites views on her office being granted access to investigation and other associated powers under the Proceeds of Crime Act 2002 (POCA).
Information Commissioner reminds political parties they must comply with the law ahead of General Election06/11/2019 09:10:00
The Information Commissioner has sent the following letter to the political parties in relation to the use of data in political campaigning.