A number of civil society groups, academics and lawyers have written to the Chair of the Science, Innovation and Technology Committee calling for an inquiry into what they describe as the “collapse in enforcement activity” by the Information Commissioner’s Office (ICO).

The letter was prompted in part by the ICO’s decision not to investigate the Ministry of Defence (MoD) following the high-profile data breach that saw the leaking of details of Afghans who had applied to the UK’s Afghan Relocations and Assistance Policy, an incident that led to an unprecedented superinjunction being obtained by the UK Government which was lifted earlier this year.

The ICO’s decision not to pursue any formal action against the MoD is described in the letter as “extraordinary” and as the latest example of, according to the signatories, the ICO failing adequately to respond to “egregious” data breaches in the public sector, leaving no effective deterrence for public bodies to improve their data management.

The concerns extend beyond the public sector. The letter highlights a “sharp drop in formal investigations, criminal prosecution, and in the issuing of enforcement notices, monetary penalties, and reprimands”. It also accuses the ICO of interpreting its duty to promote growth and innovation as “grounds to tolerate non-compliance with legal requirements that protect internet users from predatory advertising, micro-targeting and political profiling”, while at the same time proposing to “radically curtail its handling of complaints”.

Against this backdrop, the letter expresses concern about the “deeper structural failures which are emerging in the way the ICO operates” and calls for the Committee to open an inquiry to determine “why data protection enforcement appears to be a low priority”.

To read more, click here.