From Panopticon Blog: The Information Commissioner is to get powers to deliver civil penalty notices on a data controller for a serious contravention of the data protection principles if the contravention is:
1) Deliberate or reckless
2) Of a sort that is likely to cause substantial damage or distress
The post makes two criticisms: first, the proposed cap of £500,000, as large as it might seem, compares less favourably with other regulator's powers to fine up to 10% of an organisations turnover. Second, as the government ultimately pays for many of the organisations in question, imposing large fines may have 'a slightly unreal quality to it'.
Wednesday, November 18, 2009
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment