New powers designed to deter data breaches are expected to come into force on April 6, 2010. The ICO will be able to order organisations to pay up to £500,000 as a penalty for serious breaches of the Data Protection Act. The power to impose a monetary penalty is designed to deal with the most serious personal data breaches and is part of the ICO’s overall regulatory toolkit which includes the power to serve an enforcement notice and the power to prosecute those involved in the unlawful trade in confidential personal data.
01 March 2010
Up to £500,000 fines for serious breaches
![Default Article Featured Image_laptop-newspaper-global-article-090623[95].jpg](https://images.contentstack.io/v3/assets/bltd4dd5b2d705252bc/blt61f52659e86e1227/64ff207a8606a815d1c86182/laptop-newspaper-global-article-090623[95].jpg?width=3840&quality=75&format=pjpg&auto=webp)
Related stories
Thought for the week: What a good golf lesson can teach about the impact of geopolitical risk on global data, cyber and AI
Notes from the IAPP Canada: Pan-Canadian IAPP KnowledgeNet explores practical application of AI governance
A view from DC: Some health data is extra super sensitive
A look ahead at digital policy in 2026 with Omer Tene
Notes from the Asia-Pacific region: Strong start to 2026 for China's data, AI governance landscape
