UK: ICO issued fines of £42m last year
The Information Commissioner’s Office (ICO) issued penalties totalling £42.4 million last year, according to new figures.
The data, contained in the ICO’s ‘work to recover fines’ report and analysed by the Parliament Street think tank, reveals a catalogue of fines issued across a variety of sectors.
The reasons for the fines included breaches of the Privacy and Electronic Communications Regulations (PECR) and the Data Protection Act (DPA).
A total of 17 penalties were issued last year according to the figures.
The largest fine was handed to British Airways in the transport and leisure sector on 16 October 2020 – £20m for a breach of the DPA. This was followed by a fine of £18.4m, issued to Marriott International Inc in the same month, also for a breach of the DPA.
The next greatest fine was issued to Ticketmaster LTD, of £1.25m for data breaches on 13 November 2020. DSG Retail Ltd, CRDNN Limited and Cathay Pacific all received fines totalling £500,000.
Additionally, CRDNN was given a £500,000 fine on 2 March 2021 for breaches of PECR.
The industry hit with the biggest fines was marketing, against which nine fines in total were issued, followed by three fines issued to firms in the transport and leisure sector.