The Information Commissioner’s Office (ICO) published its 2018/2019 Annual Report on 8 July 2019. Here is a short summary:
- The number of enquiries the ICO received increased by 66% to just under half a million.
- The number of data protection complaints almost doubled compared with the previous year.
- Subject Access Requests made up the largest category of data protection complaints (38%), followed by disclosure of data (16%).
- The ICO received notice of 13,840 personal data breaches (compared with 3,311 in 2017/2018); only 0.05% of which led to a monetary penalty or fine.
- The ICO issued 22 monetary penalty notices for breaches of the Data Protection Act 1998, with fines of a total of just over £3 million. The largest fines were to Equifax, Facebook, Uber, Yahoo! and the Crown Prosecution Service.
- The ICO received 6,418 complaints related to the Freedom of Information Act (FOIA) (compared with 5,705 complaints the previous year).
- More than 70% of appeals to the First Tier Tribunal against the ICO’s decision notices related to freedom of information failed.
- The ICO’s major investigations included the use of data analytics in political campaigning and the use of mobile phone extraction for policing purposes.
- In March 2019, the ICO’s regulatory sandbox received 64 applications.
- The ICO will deliver four statutory codes of practice during 2019 to 2020: the Age Appropriate Design Code, the Data Sharing Code (an update to the existing Code), the Direct Marketing Code, and the Data Protection and Journalism Code.
- In collaboration with the Alan Turing Institute, the ICO will also create guidance on the use of artificial intelligence and data.
If you are interested in any further information or advice, please contact my clerks on: 0300 0300 218