UK data protection watchdog, the Information Commissioner’s Office (ICO), is expecting to gain the power to fine organisations up to £500,000 for “deliberate or negligent” breaches of personal data, a hundred times the current maximum penalty, from April 2010.
Jack Straw, the secretary of state for justice, approved a bid from the ICO for the increased fine, which it says will act “as a deterrent and to promote compliance with the Data Protection Act”, and it is expected to be approved by Parliament.
Only those data breaches that are likely to cause damage or distress for the individuals involved, and that are the result of deliberate or negligent action by the data holder, are subject to financial penalty.