The ICO has subsequently come under fire from various privacy groups for its decision not to issue a punishment. "The information commissioner's failure to take action is disgraceful," Alex Deane, director of Big Brother Watch, told IT PRO. Deane accused the commissioner of being a "paper tiger" and "an apologist for the worst offender in his sphere of responsibility, not a policeman of it." Jim Killock, executive director at the Open Rights Group, said he was "shocked" by the ICO's decision.
"They are behaving like a lapdog, not a watchdog," Killock added.
"Every privacy group in the UK is appalled. It's time for the ICO to sharpen up..."
In response to the criticism, an ICO spokesperson noted most of the pay-load data was collected before 6 April 2010, when the ICO's new powers came into force.
"Monetary penalties can only be served when a strict set of criteria is satisfied, including that the breach was likely to cause substantial harm or substantial distress this alone would be very hard to prove in this case," the spokesperson added.
Google itself has come under heavy criticism across the globe, but is yet to be hit with any form of financial penalty.
-
Kaseya targets IT efficiency with new AI-powered toolsThe cyber security firm unveiled its new Kaseya 365 Ops and Kaseya SIEM offerings at its Connect 2025 event in Las Vegas
-
AWS to give AI skills to 100,000 people in the UK by 2030Cloud giant wants to inspire the next Charles Babbage and Ada Lovelace with an AI-training initiative that pulls government, business, and education together
-
AI recruitment tools are still a privacy nightmare – here's how the ICO plans to crack down on misuseNews The ICO has issued guidance for recruiters and AI developers after finding that many are mishandling data
-
“You must do better”: Information Commissioner John Edwards calls on firms to beef up support for data breach victimsNews Companies need to treat victims with swift, practical action, according to the ICO
-
LinkedIn backtracks on AI training rules after user backlashNews UK-based LinkedIn users will now get the same protections as those elsewhere in Europe
-
UK's data protection watchdog deepens cooperation with National Crime AgencyNews The two bodies want to improve the support given to organizations experiencing cyber attacks and ransomware recovery
-
ICO slams Electoral Commission over security failuresNews The Electoral Commission has been reprimanded for poor security practices, including a failure to install security updates and weak password policies
-
Disgruntled ex-employees are using ‘weaponized’ data subject access requests to pester firmsNews Some disgruntled staff are using DSARs as a means to pressure former employers into a financial settlement
-
ICO reprimands Coventry school over repeated data protection failuresNews The ICO said the academy trust failed to follow previous guidance, which caused a serious data breach
-
ICO dishes out fine to HelloFresh for marketing spam campaignNews HelloFresh failed to offer proper opt-outs, the ICO said, and customers weren’t warned their data would be used for months after they cancelled
