"Many people said the ICO would not have the guts to fine a local authority in the midst of economic trouble. It tells us something about his guts and his appetite," Room told IT PRO.
"In one fell swoop he has shown the ICO is one of the strongest [data protection bodies] in Europe."
As the fines were not close to 500,000 limit, Room said it is likely more hefty monetary penalties are in the pipeline.
However, Room said he was against the use of a cap, comparing the fines to the 2.27 million Zurich was told to pay earlier this year for losing data that was "arguably less important."
Nevertheless, the fines should have a positive impact on businesses, Room added.
"It should have a deterrent effect. It would be perverse if it didn't," he added.
Mark Fullbrook, director UK and Ireland at Privileged Identity Management (PIM) and information security expert at Cyber-Ark, agreed firms may now wake up to the need for proper data protection.
"Today's news should hopefully serve as a wake-up call for all those that have ignored this ticking time bomb for so long," Fullbrook said.
"The products are out there, so organisations need to get wise or risk the wrath of an ICO eager to flex its muscles."
Ed Macnair, chief executive (CEO) of Overtis, suggested the fines were not substantial enough, even though they may appear to be tough.
"At first glance this looks like the ICO has real teeth. However, in the case of the stolen laptop, the penalty is less than 3 for each lost record," Macnair said.
"When you consider the fact that A4e is a 145 million company, the breach has had a higher impact on the 24,000 individuals whose confidential information has been lost."
"Similarly, this council had clearly not learned from the first devastating security breach and continued to use the same insecure channel for sharing highly sensitive information," he added.
-
The UK cybersecurity sector is worth over £13 billion, but experts say there’s huge untapped potential if it can overcome these hurdlesAnalysis A new report released by the DSIT revealed the UK’s cybersecurity sector generated £13.2 billion over the last year
-
"Thinly spread": Questions raised over UK government’s latest cyber funding schemeThe funding will go towards bolstering cyber skills, though some industry experts have questioned the size of the price tag
-
AI recruitment tools are still a privacy nightmare – here's how the ICO plans to crack down on misuseNews The ICO has issued guidance for recruiters and AI developers after finding that many are mishandling data
-
“You must do better”: Information Commissioner John Edwards calls on firms to beef up support for data breach victimsNews Companies need to treat victims with swift, practical action, according to the ICO
-
LinkedIn backtracks on AI training rules after user backlashNews UK-based LinkedIn users will now get the same protections as those elsewhere in Europe
-
UK's data protection watchdog deepens cooperation with National Crime AgencyNews The two bodies want to improve the support given to organizations experiencing cyber attacks and ransomware recovery
-
ICO slams Electoral Commission over security failuresNews The Electoral Commission has been reprimanded for poor security practices, including a failure to install security updates and weak password policies
-
Disgruntled ex-employees are using ‘weaponized’ data subject access requests to pester firmsNews Some disgruntled staff are using DSARs as a means to pressure former employers into a financial settlement
