Under provisions introduced in the 2008 Criminal Justice and Immigration Act the ICO will be able to impose substantial fines on organisations where there is evidence of reckless or deliberate data protection breaches.
But to make use of this power as soon as possible the ICO, which enforces and oversees the Data Protection Act, the Freedom of Information Act and others, is liaising with the MoJ.
An ICO spokesperson says: “We are working with the Ministry of Justice to ensure that we can make use of this power as soon as possible but do not expect this to be until early 2010.
“We understand that the Ministry of Justice expects to make a further announcement about the penalties before the end of this parliamentary session.”
The news comes after the FSA fined three HSBC firms over £3m for not having adequate systems and controls in place to protect their customers’ confidential details from being lost or stolen.