ICO deals out £160,000 in data breach fines
The ICO has used its fining powers for the first time, reprimanding a local council and an employment services firm.
"Many people said the ICO would not have the guts to fine a local authority in the midst of economic trouble. It tells us something about his guts and his appetite," Room told IT PRO.
"In one fell swoop he has shown the ICO is one of the strongest [data protection bodies] in Europe."
As the fines were not close to 500,000 limit, Room said it is likely more hefty monetary penalties are in the pipeline.
However, Room said he was against the use of a cap, comparing the fines to the 2.27 million Zurich was told to pay earlier this year for losing data that was "arguably less important."
Nevertheless, the fines should have a positive impact on businesses, Room added.
"It should have a deterrent effect. It would be perverse if it didn't," he added.
Mark Fullbrook, director UK and Ireland at Privileged Identity Management (PIM) and information security expert at Cyber-Ark, agreed firms may now wake up to the need for proper data protection.
Get the ITPro. daily newsletter
Receive our latest news, industry updates, featured resources and more. Sign up today to receive our FREE report on AI cyber crime & security - newly updated for 2024.
"Today's news should hopefully serve as a wake-up call for all those that have ignored this ticking time bomb for so long," Fullbrook said.
"The products are out there, so organisations need to get wise or risk the wrath of an ICO eager to flex its muscles."
Ed Macnair, chief executive (CEO) of Overtis, suggested the fines were not substantial enough, even though they may appear to be tough.
"At first glance this looks like the ICO has real teeth. However, in the case of the stolen laptop, the penalty is less than 3 for each lost record," Macnair said.
"When you consider the fact that A4e is a 145 million company, the breach has had a higher impact on the 24,000 individuals whose confidential information has been lost."
"Similarly, this council had clearly not learned from the first devastating security breach and continued to use the same insecure channel for sharing highly sensitive information," he added.
Tom Brewster is currently an associate editor at Forbes and an award-winning journalist who covers cyber security, surveillance, and privacy. Starting his career at ITPro as a staff writer and working up to a senior staff writer role, Tom has been covering the tech industry for more than ten years and is considered one of the leading journalists in his specialism.
He is a proud alum of the University of Sheffield where he secured an undergraduate degree in English Literature before undertaking a certification from General Assembly in web development.