ICO takes action against Independent Police Complaints Commission

According to the ICO, the IPCC has failed to respond to 69 freedom of information requests within the required timeframe and, unless it now responds by the end of September, the matter could escalate into a legal case in the High Court for alleged contempt of court.

Infosecurity notes that this is the latest in a series of actions against non-private sector organisations who are not towing the line on their data security and allied governance issues.

However, despite the fact that the penalties for data breaches were raised significantly in April of this year - to half a million pounds for a worst case offence - the ICO seems reticent to impose a fine against a public sector organisation or government agency.

In its press advisory for the IPCC data governance spat, the ICO said that the police complaints agency has repeatedly failed to respond to requests in line with the Freedom of Information Act, which requires a response within 20 days.

As a result of the transgression, the ICO has issued an enforcement notice requiring the IPCC to respond to requests by either responding with the required data, or - interestingly - issuing a refusal notice.

Commenting on the case, Graham Smith, the ICO's deputy commissioner, said: "I am concerned that the IPCC has denied people access to information by repeatedly failing to respond to requests in line with the Act."

"The FOIA gives individuals important rights to access information held by public authorities and despite the current strain on resources all public authorities must remember their responsibilities under the Act", he added.

Smith went on to say that the enforcement notice serves as a strong signal to all public authorities that failure to respond is unacceptable.

"I am pleased that the IPCC reported the difficulties it was facing to us and hope that it will treat this notice with the urgency it requires", he said.

What’s hot on Infosecurity Magazine?