The ICO is committed to raising awareness of data protection and freedom of information rights, and to encouraging good practice. A full list of the press releases from previous years can be accessed via our archive.
July
03 Jul 09 - ICO response to report by the Campaign for Freedom of Information
The Information Commissioner's Office (ICO) has issued a statement in response to a new report by the Campaign for Freedom of Information.
June
22 Jun 09 - Snap away on sports day, says ICO
Parents wishing to capture the moment their child crosses the finish line at their school sports day should not be deterred by data protection myths. The Information Commissioner's Office (ICO) is reminding parents that the Data Protection Act does not prevent them taking photographs of their children and friends participating in school events.
22 Jun 09 - Manchester City Council breaches the Data Protection Act
The Information Commissioner’s Office (ICO) has found Manchester City Council in breach of the Data Protection Act after the theft of two laptop computers from the Town Hall, one of which contained personal details relating to 1,754 employees at local schools. Neither of the laptops was encrypted nor were they secured to the desks.
18 Jun 09 - Putting a price on privacy protection
The Information Commissioner’s Office (ICO) is inviting interested parties to bid to undertake a three-month research project with the aim of developing a sound business case to persuade organisations to invest in proactive privacy protection.
12 Jun 09 - Privacy notices must be consumer friendly, says ICO
The Information Commissioner’s Office (ICO) is today launching its new Privacy Notices Code of Practice that will help organisations provide more user-friendly privacy and marketing notices. The ICO wants to see an end to the confusing privacy notices that are written to protect organisations rather than to inform the public.
11 Jun 09 - Commissioner calls for instinctive culture of openness
On Thursday in his last speech as Information Commissioner, Richard Thomas will urge Whitehall and the public sector to learn the lessons from the MPs’ expenses scandal by routinely publishing more official information without waiting to be asked. Richard Thomas will highlight how greater transparency reduces impropriety and leads to better accountability, public confidence and healthier democracy.
10 Jun 09 - ICO calls for more precisely defined Refusal Notices
A new report, commissioned by the Information Commissioner’s Office (ICO), records the observations of some former Ministers, as well as current and former senior civil servants and government advisers about the policy making process and the impact of the Freedom of Information Act (FOI). The report, Understanding the formulation and development of government policy in the context of FOI, which was prepared by University College London (UCL), provides findings on how policy is developed in Whitehall in 2009 and the views of those involved in the context of FOI.
09 Jun 09 - Amicus Legal Ltd found in breach of the Data Protection Act
The Information Commissioner’s Office (ICO) has found Amicus Legal Ltd in breach of the Data Protection Act after reporting a laptop computer containing personal information relating to 100,000 customers was stolen. The laptop, privately owned by a contracted consultant, was not encrypted.
08 Jun 09 - ICO issues new guidance to help public authorities correctly use the national security exemption
The Information Commissioner’s Office (ICO) has published new guidance to help freedom of information practitioners understand when a request under the Freedom of Information Act (FOIA) can be refused on the grounds of national security.
05 Jun 09 - ICO launches an updated guide for privacy impact assessments
The Information Commissioner’s Office (ICO) is urging organisations to always consider the impact on individuals’ privacy before developing new IT systems or changing the way they handle personal information. The call comes as the ICO today launches the latest version of the Privacy Impact Assessment (PIA) handbook. The user friendly handbook is designed to help organisations address the risks to personal privacy before implementing new initiatives and technologies.
04 Jun 09 - Salford Royal NHS Foundation Trust breaches the Data Protection Act
The Information Commissioner’s Office (ICO) has found Salford Royal NHS Foundation Trust in breach of the Data Protection Act after the Trust reported a desktop computer containing sensitive personal information relating to around 3,500 patients was stolen. Although the computer was password protected, it was not encrypted or secured to a desk.
04 Jun 09 - ICO rules on FOI complaint into the alleged abuse of the honours system
The Information Commissioner’s Office (ICO) has ordered the Metropolitan Police Service (MPS) to release some of the information from a senior investigating officer’s report relating to an investigation into alleged abuse of the honours system in 1997. The ICO has ordered that the information should be disclosed under the Freedom of Information Act.
May
27 May 09 - The Consulting Association pleads guilty in Macclesfield Magistrates Court
The Information Commissioner's Office (ICO) has issued a statement regarding the guilty plea of Ian Kerr, who traded the personal details of construction workers under the name of The Consultancy Association.
22 May 09 - ICO prosecutes Lewisham law firm
The Information Commissioner’s Office (ICO) has successfully prosecuted a Lewisham law firm for offences under the Data Protection Act. Motunrayo Adojutelegan of NatAdo Solicitors was fined £250 and ordered to pay costs of £427.40 plus a victims’ surcharge of £15. The firm must pay a total of £692.40.
22 May 09 - ICO prosecutes Peckham recruitment company
The Information Commissioner’s Office (ICO) has successfully prosecuted a Peckham recruitment company for offences under the Data Protection Act. Metro3 Staffing Limited was fined £250 and ordered to pay costs of £448 plus a victims’ surcharge of £15. The company must pay a total of £713.
19 May 09 - Leicester City Council breaches the Data Protection Act
Leicester City Council has signed a formal Undertaking outlining that it will endeavour to keep personal information secure in future. The Information Commissioner’s Office (ICO) found Leicester City Council in breach of the Data Protection Act after staff breached council procedures by downloading personal information on to an unencrypted memory stick. Sensitive personal information relating to 80 children was subsequently lost from a council-run nursery.
12 May 09 - Making European data protection law fit for the 21st century
The Information Commissioner’s Office (ICO) is today publishing the review of the strengths and weaknesses of the EU Data Protection Directive which it commissioned from RAND Europe. The RAND study concludes that, in an increasingly global, networked environment, the Directive will not suffice in the long term.
01 May 09 - Accenture and Atmel given authorisation by the ICO to transfer personal information outside Europe based on binding corporate rules
The Information Commissioner’s Office (ICO) has recently authorised the transfer of personal information from the UK by the Accenture group of companies and the Atmel group of companies to other entities within their own corporate groups who operate outside of the European Economic Area.
April
30 Apr 09 - ICO issues stark reminder to NHS bodies on patient records
The Information Commissioner’s Office (ICO) is reminding NHS bodies of the importance of data security having found four more NHS organisations in breach of the Data Protection Act. Cambridge University Hospital NHS Foundation Trust, Central Lancashire Primary Care Trust, North West London Hospitals NHS Trust and Hull & East Yorkshire Hospitals NHS Trust have all signed formal Undertakings outlining that they will process personal information in line with the Data Protection Act.
29 Apr 09 - ICO takes enforcement action against Manchester University for data breach
The Information Commissioner’s Office (ICO) has taken regulatory action against the University of Manchester following a breach of the Data Protection Act. The personal records of over 1,700 students, including information on some students’ disabilities, were published when a member of the university staff had unauthorised access to the information. The staff member emailed the information as an attachment to 469 other students.
27 Apr 09 - Information Commissioner's statement on the Communications Data Bill
Richard Thomas, the Information Commissioner, has provided a statement regarding a proposed extension of the arrangements laid out in the Communications Data Bill.
23 Apr 09 - Common sense on Street View must prevail, says the ICO
The Information Commissioner’s Office (ICO) has published new advice on Google Street View in response to a complaint from Privacy International.
17 Apr 09 - Debt collector fined over £6,000
The director of a debt recovery company has been successfully prosecuted by the Information Commissioner’s Office for bombarding individuals and businesses with unwanted faxes. The action follows over 500 complaints from individuals and businesses to the ICO and the Fax Preference Service (FPS).
17 Apr 09 - ICO takes enforcement action against the British Council for serious data breach
The Information Commissioner’s Office (ICO) has found the British Council in breach of the Data Protection Act after the loss of an unencrypted computer disc. Details lost include sensitive personal information relating to trade union membership of over 2,000 members of staff. The British Council reported the data breach to the ICO as soon as it was aware it had taken place.
06 Apr 09 - Greater Manchester Police criticised for freedom of information handling
The Information Commissioner’s Office (ICO) has ordered Greater Manchester Police to improve its handling of internal reviews after a catalogue of failings by the authority. The ICO has issued a practice recommendation to Greater Manchester Police for failing, on various occasions, to respond to internal reviews within the recommended timescales.
03 Apr 09 - ICO to check public authorities’ publication schemes
The Information Commissioner’s Office (ICO) has begun monitoring public authorities to ensure they are complying with the model publication scheme, which came into effect on 1 January 2009, under the Freedom of Information Act (FOIA).
01 Apr 09 - Don’t be a data protection fool this April Fool’s Day
To mark this year’s 1 April celebration of all things foolish, the Information Commissioner’s Office (ICO) is urging organisations not to hide behind the Data Protection Act unnecessarily when dealing with individuals.
March
30 Mar 09 - ICO launches drop-in sessions on social networking site
The Information Commissioner’s Office (ICO) is entering the digital world of social networking site Habbo to launch ‘WTMI – Way Too Much Information’ – a new teen-friendly campaign to raise awareness of the risks that come with putting too much personal information online.
27 Mar 09 - ICO prosecutes Hounslow law firm
The Information Commissioner’s Office (ICO) has successfully prosecuted a Hounslow law firm for offences under the Data Protection Act. Mr Thusita Weerakoon of Weerakoon Solicitors was fined £100 and ordered to pay costs, a total of £832.05. Mr Thusita Weerakoon, a sole practitioner, has now ceased practicing as a solicitor.
23 Mar 09 - ICO takes action against Camden PCT for data blunder
The Information Commissioner’s Office (ICO) has taken enforcement action against Camden Primary Care Trust (PCT) following a breach of the Data Protection Act. Computers containing 2,500 individuals’ names, addresses and medical diagnoses were left beside a skip inside the grounds of St. Pancras Hospital in August 2008.
17 Mar 09 - ICO helps public authorities dealing with round robin requests
The Information Commissioner’s Office (ICO) is reminding public authorities of their duty to respond to requests for information under the Freedom of Information Act (FOIA) and Environmental Information Regulations (EIR), even if they are part of a round robin system of requests.
16 Mar 09 - ICO statement on the Consulting Association database
The ICO has opened a new telephone service for people to check whether information about them was held on a database seized from a company known as The Consulting Association. The database, which was used by over 40 construction companies to vet individuals for employment, was uncovered as part of a recent ICO investigation.
09 Mar 09 - Department of Health must improve its management of records
The Information Commissioner’s Office (ICO) has issued a formal practice recommendation to the Department of Health regarding its record management practice. This follows a request by the ICO, and with the agreement of the Department, for the National Archives (TNA) to conduct an assessment of records management practice at the authority.
06 Mar 09 - ICO seizes covert database of construction industry workers
An investigation by the Information Commissioner’s Office (ICO) has uncovered a database containing details on 3,213 construction workers which was used by over 40 construction companies to vet individuals for employment. The information includes sensitive personal information such as construction workers’ personal relationships, trade union activity, as well as people’s employment history.
03 Mar 09 - ICO prosecutes Knightsbridge law firm
The Information Commissioner’s Office (ICO) has successfully prosecuted a London law firm for offences under the Data Protection Act. Mr Michael Robinson, a sole practitioner, was fined £250 and ordered to pay costs of £200 plus a victims’ surcharge of £15, a total of £465.
03 Mar 09 - ICO prosecutes Middlesex law firm
The Information Commissioner’s Office (ICO) has successfully prosecuted a Middlesex law firm for offences under the Data Protection Act. Mr Gurmej Singh Virk of Robin Singh & Co Solicitors was fined £250 and ordered to pay costs of £200 plus a victims’ surcharge of £15, a total of £465.
February
24 Feb 09 - ICO statement on key Cabinet meeting minutes veto
The Information Commissioner, Richard Thomas, has issued a statement regarding his decision to order the disclosure of minutes of key Cabinet meetings that were held in the run-up to the Iraq war in 2003. Justice Secretary Jack Straw has vetoed publication of the Cabinet minutes after the Information Tribunal rejected a government appeal against the Information Commissioner's ruling.
23 Feb 09 - ICO calls for senior salary scales to be published
Senior public officials’ salary bands should be publicly available as a matter of routine, according to new Guidance published today by the Information Commissioner’s Office.
19 Feb 09 - ICO issues new guidance on swift and impartial internal reviews
The Information Commissioner’s Office (ICO) has published new guidance to help public authorities carry out internal reviews under the Freedom of Information Act (FOIA) and the Environmental Information Regulations (EIR).
18 Feb 09 - Diana correspondence is personal and must not be disclosed
The Information Commissioner’s Office (ICO) has ruled that correspondence between Diana, Princess of Wales, and the government should not be released under the Freedom of Information Act. Under the Act communications with the Royal Family are exempt from disclosure, however this exemption is subject to the public interest test.
13 Feb 09 - ICO takes enforcement action against Hastings and Rother PCT for data loss
The Information Commissioner’s Office (ICO) has taken enforcement action against Hastings and Rother Primary Care Trust (PCT) following a breach of the Data Protection Act. This is the eighth time the ICO has taken enforcement action against an NHS organisation for breaching the Data Protection Act since November 2008.
12 Feb 09 - ICO cracks down on misleading small print
The Information Commissioner’s Office is calling for an overhaul of privacy and marketing small print as research reveals that half of consumers don’t understand what they’re signing up to when they fill in online and paper forms.
09 Feb 09 - Data breaches reported to ICO
New figures show a significant increase in the number of data breaches reported to the ICO. Nearly 100 breaches have been reported to the ICO in the last three months (376 to end January 2009, compared with 277 as at end of October 2008).
06 Feb 09 - ICO response to the House of Lords Constitution Committee Surveillance Society report
The Information Commissioner's Office has provided a response to the House of Lords Constitution Committee Surveillance Society report, which is published today.
05 Feb 09 - ICO takes enforcement action against Brent PCT for data loss
The Information Commissioner’s Office has taken enforcement action against Brent Teaching Primary Care Trust following a breach of the Data Protection Act. Two laptops were stolen from Brent PCT containing the personal information of 389 patients, including some health details relating to those people.
January
30 Jan 09 - ICO prosecutes Hammersmith law firm
The Information Commissioner’s Office (ICO) has successfully prosecuted a Hammersmith law firm for offences under the Data Protection Act. Philip Charles York of PCD York & Co Solicitors was fined £300 and ordered to pay costs of £509.35 plus a victims’ surcharge of £15. The firm must pay a total of £824.35.
28 Jan 09 - ICO issues new guidance to help public authorities when charging for EIR requests
The Information Commissioner’s Office (ICO) has published new guidance to help public authorities identify appropriate charges for requests received under the Environmental Information Regulations (EIR).
28 Jan 09 - ICO launches Personal Information Promise
Organisations including Royal Mail, British Gas, BT, T-Mobile, Greater Manchester Police and Action for Children will sign the Personal Information Promise today. Businesses, charities and public sector bodies signing the Personal Information Promise will send a strong signal to staff, service users and customers that personal details will be handled and protected properly.
27 Jan 09 - Tribunal upholds ICO decision on Cabinet minutes
Ministers have been ordered to release minutes of the cabinet meetings which discussed the 2003 invasion of Iraq. The Information Tribunal upheld a decision by the Information Commissioner that details of sessions, which discussed whether the invasion was allowed under international law, should be disclosed.
22 Jan 09 - ICO takes enforcement action against NHS Trusts for data losses
The Information Commissioner’s Office (ICO) has found Abertawe Bro Morgannwg University NHS Trust and Tees, Esk and Wear Valleys NHS Foundation Trust in breach of the Data Protection Act.
22 Jan 09 - ICO takes enforcement action against the Home Office for serious data breach
The Information Commissioner’s Office (ICO) has found the Home Office in breach of the Data Protection Act after a contractor, PA Consulting, lost an unencrypted memory stick holding sensitive personal details of thousands of individuals in August 2008. Details lost included information about individuals serving custodial sentences and those who had previously been convicted of criminal offences.
19 Jan 09 - ICO issues new guidance to help public authorities deal with unclear requests
The Information Commissioner’s Office (ICO) is today publishing new common sense guidance for freedom of information practitioners on how to interpret and respond to unclear requests under the Freedom of Information Act (FOIA) and the Environmental Information Regulations (EIR).
13 Jan 09 - FOI requests from Mickey Mouse and Mrs Sue D. Nym can be refused
The Information Commissioner’s Office has published new guidance to help public authorities respond to information requests from people using pseudonyms or fictitious names to disguise their real identity.
13 Jan 09 - ICO orders DH to release information relating to the development of the MMR policy
The Information Commissioner’s Office has made three related rulings under the Freedom of information Act involving the Department of Health. Copies of three committees’ minutes, which cover the period in which the joint MMR vaccine was introduced (1988), should be released by the Department. The Department initially provided redacted copies of the minutes citing a large number of exemptions to withhold the requested material.
12 Jan 09 - ICO launches consultation on privacy notices
The Information Commissioner’s Office is launching a consultation today on a new draft Code of Practice designed to help organisations provide more user friendly privacy notices. The ICO is encouraging relevant organisations and members of the public to participate in the consultation.
07 Jan 09 - ICO launches DVD to open up access to public documents
The Information Commissioner’s Office has launched 'Tick tock' – a new training DVD designed to help public authorities understand their responsibilities when dealing with requests under the Freedom of Information Act (FOIA) and the Environmental Information Regulations (EIR).