The Information Commissioner’s Office (ICO) admitted that its own staff had breached data privacy regulations in the past 12 months.
Information about a “non-trivial incident” was hidden inside the 84-page annual report, the same document in which information commissioner Christopher Graham asked for more powers and more funding for the UK’s privacy watchdog.
The ICO has been criticised for refusing to provide more information about the breach, other than the two short paragraphs in the report. “You will have to fill out a freedom of information request,” a spokesman for the ICO told The Times earlier today.
Several hours later, the organisation apparently had a change of heart and issued a statement, and here’s where it gets really interesting: “We are unable to provide details of the breach at this stage, as the information involved is linked to an ongoing criminal investigation,” said a spokesperson for the ICO.
In its latest annual report, the ICO said it handled 259,903 calls to its helpline, resolved 15,492 data protection complaints, investigated a record 1,755 cases, and issued civil monetary penalties totalling £1.97 million.
Now, it has emerged that one of the cases had the ICO investigating itself.
“It was concluded that the likelihood of damage or distress to any affected data subjects was low and that it did not amount to a serious breach of the Data Protection Act. A full investigation was carried out with recommendations made and adopted. The internal investigation was also concluded.”
Despite these assurances, the latest statement from the ICO seems to suggest that the case is far from over. Just how serious was this “non-trivial” incident? What kind of criminal investigation is it linked to? These are just some of the questions the watchdog will have to answer in the coming weeks if it wants to get access to more powers and funding.
The ICO had previously reported an internal data privacy breach in its 2011 annual report. Back then, the organization also called the incident “self-reported” and said it was treating it like any other case.
What do you know about ICO and its counterparts? Take our quiz!
Suspended prison sentence for Craig Wright for “flagrant breach” of court order, after his false…
Cash-strapped south American country agrees to sell or discontinue its national Bitcoin wallet after signing…
Google's change will allow advertisers to track customers' digital “fingerprints”, but UK data protection watchdog…
Welcome to Silicon In Focus Podcast: Tech in 2025! Join Steven Webb, UK Chief Technology…
European Commission publishes preliminary instructions to Apple on how to open up iOS to rivals,…
San Francisco jury finds Nima Momeni guilty of second-degree murder of Cash App founder Bob…