Fine of £750.000 issued, reduced under public sector approach.
The Information Commissioner’s Office (ICO) is set to issue a monetary fine of £750,000 to the Police Service of Northern Ireland.
The proposed fine relates to an incident where personal information – including surname, initials, rank and role of all 9,483 serving PSNI officers and staff – was included in a "hidden" tab of a spreadsheet published online in response to a freedom of information request.
The ICO said it “used discretion to significantly reduce potential fine to ensure public money is not diverted from where most needed.” However it did point out that the data breach “brought tangible fear of threat to life.”
The Police Service has been issued with a preliminary enforcement notice, requiring the Service to improve the security of personal information when responding to FOI requests.
There may be private charges though, as around 5,000 Northern Ireland police officers and staff are involved in a group litigation order.
Written by
Dan Raywood
Senior Editor
SC Media UK
Dan Raywood is a B2B journalist with more than 20 years of experience, including covering cybersecurity for the past 16 years. He has extensively covered topics from Advanced Persistent Threats and nation-state hackers to major data breaches and regulatory changes.
He has spoken at events including 44CON, Infosecurity Europe, RANT Conference, BSides Scotland, Steelcon and ESET Security Days.
Outside work, Dan enjoys supporting Tottenham Hotspur, managing mischievous cats, and sampling craft beers.
