Privacy watchdog the Information Commissioner’s Office (ICO) investigated a record number of data protection cases over the past year, according to its annual report which called for stronger powers and more funding for the body.
The 2013/14 Annual Report charted the past financial year, during which a whopping 1,755 data protection cases were investigated by the watchdog – 385 more than the previous year.
The ICO was forced to issue seven enforcement notices, 28 undertakings and a whopping £1.97 million ($3.4m) in “civil monetary penatlies.
Most of these fines for serious breaches of the data protection act were levied against local authorities. These included Glasgow City Council, which was forced to pay £150,000 ($257,000) after losing over 70 unencrypted laptops containing bank account details and other personal information on tens of thousands of taxpayers.
However, private companies were also affected. Payday loans business First Financial was fined £175,000 ($300,000) after thousands of complaints about unlawful spam texts sent by the company claiming to be from the recipients’ friends.
The ICO said it also received a record number of data protection complaint casework totalling 14,738 – an increase of 7% on the previous year – and signed off on a record number of casework closures (15,492) which amounted to an 8.5% rise.
The watchdog also received a record number of concerns from the public about spam texts, automated calls
and live telesales calls which are covered by the Privacy and Electronic Communications Regulation.
Public awareness of the ICO’s role appears to be growing too, judging by the record number of helpline calls (260,000) and written requests for advice (12,000) received this year.
Information commissioner, Christopher Graham, used his foreword in the report to call for “stronger powers, a more sustainable funding system, and a clearer guarantee of independence”.
“I look to parliament to act to strengthen the Commissioner’s powers, to enable the adequate resourcing of the Office, and to guarantee the Commissioner’s independence,” he added.
Chris McIntosh, CEO of ViaSat UK, argued that Graham is right to lobby for greater powers.
"While doing the best with what it can, it is still handicapped by the fact that its resources, and the penalties available to it, are not enough to deter many organizations," he added.
"A clear example of this is in the ICO's income from civil monetary penaltiesin the past year. While penalties totalling £1.97m were issued, the ICO only collected £872,000 thanks to a combination of early payment reductions, appeals and impairments."
Charles Sweeney, CEO of web filtering firm Bloxx, argued that the report clearly shows public concern about data protection abuses has increased this year.
“What we are talking about here is trust. People don't trust organizations to handle their data with the appropriate care,” he told Infosecurity.
“As data increasingly moves outside of the four walls of corporate HQ, companies and government organizations have to demonstrate that they have the right measures in place to protect individuals’ data that has been entrusted to them.”