Massive fines for GDPR breaches? ICO will use powers proportionately and judiciously

In a recent blog post, the Information Commissioner, Elizabeth Denham has dispelled some myths about the forthcoming GDPR legislation.

Scaremongering in the media has led some businesses to feel fearful of the maximum £17 million or 4% of turnover penalties allowed under the new law.  It has also been falsely reported that these increased fines will help fund the work of the ICO.

Denham comments “If this kind of misinformation goes unchecked, we risk losing sight of what this new law is about – greater transparency, enhanced rights for citizens and increased accountability.”

She adds “It’s scaremongering to suggest that we’ll be making early examples of organisations for minor infringements or that maximum fines will become the norm. The ICO’s commitment to guiding, advising and educating organisations about how to comply with the law will not change under the GDPR. We have always preferred the carrot to the stick.”

For the ICO, issuing fines has always been and will continue to be, a last resort. In 2016/2017 they concluded 17,300 cases and only 16 of them resulted in fines for the organisations concerned.

Read Elizabeth Denham’s blog post >>

Leave a Reply