ICO publishes annual report 2018-2019: ‘an unprecedented year’

July 11, 2019

The Information Commissioner’s Officer has issued its annual report.  The key points cover:

Helping the public and organisations

  • The ICO’s helpline, chat and written advice services received 471,224 contacts in 2018-19, a 66% increase from 2017/18
  • Data protection complaints received by the ICO increased from 21,019 in 2017/18 to 41,661 in 2018/19
  • Supporting the public through the ICO’s many expanded public-facing services (like the helpline and live text service)
  • Helping both small and large organisations embed compliance with the GDPR and DPA 2018
  • Preparation of statutory codes focusing on age appropriate design, data sharing, direct marketing, and data protection and journalism.

Enforcing the law

  • Using new powers of inspection – issuing 11 assessment notices in conjunction with investigations into data analytics for political purposes, political parties, data brokers, credit reference agencies and others
  • Taking action through enforcement notices
  • Issuing warnings and reprimands across a range of sectors including health, central government, criminal justice, education, retail and finance
  • 2018/19 was a record-breaking year of monetary penalties under the DPA 1998 (though the figures quoted –  22 fines totalling over £3m – are dwarfed by the recent notices of intention to fine British Airways and Marriott Hotels a total of £282m under the GDPR/DPA 2018).

Protecting democracy

In May 2017 the ICO launched a formal investigation into the use of data analytics for political purposes, after allegations were made about the ‘invisible processing’ of personal data and the micro-targeting of political adverts during the 2016 EU referendum. The investigation eventually broadened and has become the largest investigation of its type by any data protection authority.