ICO reports surge in data protection complaints

The Information Commissioner's Office has seen a 30-percent rise in data protection complaints and requests for information over the last year, according to the watchdog's annual report.

Launching the report on Wednesday, information commissioner Christopher Graham said his office was handling record levels of business, with the increase in data protection cases and a 20-percent rise in Freedom of Information (FoI) cases. Graham also used the launch to call for his office to have greater independence from its sponsor, the Ministry of Justice.

"We've never been busier," Graham said in a statement. "But despite the surge in business, the Information Commissioner's Office (ICO) is keeping on top of the demand for our services.

"We have made some significant internal changes to ensure we are best placed to deal with the increasing demands and expectations placed upon us by the public and the organisations we work with. Respect for information rights is not optional. Organisations that ignore their responsibilities will not only lose the confidence and trust of citizens and consumers but could face painful enforcement action from the ICO as well," he said.

According to the report, the ICO received 33,234 data protection complaints and requests for information in the year between 1 April 2009 and 31 March 2010, which is 30 percent more than those received in the preceding year. The office also received 3,734 FoI complaints, up 20 percent on the year before.

Graham repeated his call for jail terms as punishment for some data thieves. "I continue to believe that the courts should be able to impose a custodial sentence, where appropriate, to tackle the unlawful trade in personal data that is the scourge of the digital world," he said. "Data theft is no victimless crime."

Alongside the launch, Graham called for the information commissioner to report directly to parliament, rather than to a government department, as he does now. He said that the time has come for the ICO to be "seen to be independent in its reporting and financing arrangements".

His comment was spurred by the repeated ministerial veto last December of the publication of cabinet meeting minutes regarding the potential devolution of Scotland and Wales. The veto, which overruled the ICO, was made before the matter even reached the Information Tribunal, Graham noted.

"I believe that the ICO has not just to be independent of government, but be seen to be independent," he said. "To carry out my duties effectively and with the full confidence of all parties, now is the time to formalise the governance arrangements for the information commissioner, suitable for an independent public official whose accountability is fully to parliament, rather than primarily via Departments of State."

A spokesperson for the MoJ told ZDNet UK on Wednesday that the department was "fully committed to the ICO's independence".

In June, the European Commission said the UK had two months to strengthen the powers of the ICO — particularly with regard to assessing the data protection regime of countries with which the UK might exchange data, as well as performing spot checks on UK businesses and being able to enforce penalties following those checks — or the Commission would take the government to court.

"I urge the UK to change its rules swiftly so that the data protection authority is able to perform its duties with absolute clarity about the rules," justice commissioner Viviane Reding said at the time. "Having a watchdog with insufficient powers is like keeping your guard dog tied up in the basement."