Information Commissioner's Office
Blog: Show you mean business by paying the Data Protection Fee
Paul Arnold, ICO Deputy Chief Executive explains to small businesses why they need to pay the data protection fee.
Businesses that process personal data have to pay a fee to the data protection regulator, the Information Commissioner’s Office.
It’s the law to pay the fee, which funds the ICO’s work, but it also makes good business sense. Because whether or not you’ve paid the fee could have an impact on your reputation.
When you’ve paid, your business is published on our register of data controllers. Members of the public and other companies check that list before they decide to do business.
We speak to thousands of people and organisations every week and it’s clear that being on the register tells others a lot about you.
It’s a strong message for your customers – it lets them know that you value and care about their information and that you’re more likely to keep it secure and not share it inappropriately.
It also lets other organisations know that you run a tight ship and that you’re aware of your data protection obligations. It indicates that you’re more likely to take your other data protection responsibilities seriously too. It’s a reassurance for those thinking of doing business with you.
For most organisations, the fee is either £40 or £60 a year depending on your turnover and how many people you employ.
If you’re not sure whether you need to pay, you can check here.
There’s another good business reason to pay too. If you need to pay and don’t you will be fined. Fines range from £400 to £4,000 and since May, when the current law came into effect, we’ve issued 103 penalty notices to companies for failing to pay.
We publish a summary of this enforcement action which we will be sharing regularly through social media and in our e-newsletter. This will include publishing the names of organisations we fine on our website.
Paying the data protection fee is important because it funds our work providing advice and guidance about how to comply with the law. Things like our online guidance, our telephone helpline and our digital toolkits.
Fines do not fund the ICO. They are paid to HM Treasury.
We know that time is money, especially for a one-person business or a small organisation, so we’ve made it as easy as possible to pay. You can do this online and it only takes 15 minutes to complete the process.
If it avoids you paying a fine and protects your reputation, we think that is time well-spent.
Paul Arnold, Deputy Chief Executive Officer/Executive Officer is responsible for the ICO's internal support and compliance functions as well as our high volume customer services. Paul leads departments responsible for IT, Information Governance, Business Development and Change Management, Organisation Development and Customer Contact.
Latest News from
Information Commissioner's Office
ICO fines home security company for making thousands of nuisance calls14/06/2019 09:10:00
The Information Commissioner’s Office (ICO) has fined Smart Home Protection Ltd £90,000 for making nuisance calls to people registered with the Telephone Preference Service (TPS).
Former customer services officer fined after unlawfully accessing personal data10/06/2019 17:20:00
A former customer services officer at Stockport Homes Limited (SHL) has been found guilty of unlawfully accessing personal data without a legitimate reason to do so.
G20 Side Event - International Seminar on Personal Data05/06/2019 12:25:00
Speach given yesterday by the ICO at the G20 Side Event – International Seminar on Personal Data.
Blog: Counting the cost of accessing environmental information04/06/2019 11:10:00
Blog posted by: Gill Bull, Director of Freedom of Information, 03 June 2019.
When it comes to explaining AI decisions, context matters03/06/2019 12:25:00
Alex Hubbard, Senior Policy Officer at the ICO, looks at some of the key themes identified in the ICO and The Alan Turing Institute’s interim report about explanations of AI decisions.
Blog: GDPR – One Year on31/05/2019 09:10:00
Blog posted by: Elizabeth Denham, Information Commissioner, 30 May 2019.
Blog: ICO regulatory sandbox29/05/2019 12:25:00
Work begins on creating ICO Sandbox short list as application period closes.
Known security risks exacerbated by AI24/05/2019 09:25:00
As part of our AI auditing framework blog series, Reuben Binns, our Research Fellow in Artificial Intelligence (AI), Peter Brown, Technology Policy Group Manager, and Valeria Gallo, Technology Policy Adviser, look at how AI can exacerbate known security risks and make them more difficult to manage.