Denham's warning comes in the regulator's new annual report, which covers the period between April 1 2017 to March 31 2018, and shows that there has already been a steep rise in both complaints and fines over the past 12 months, even before GDPR kicked in on May 25.
The report reveals that 235,672 calls were received by the ICO’s helpline, an increase of 24.1% year-on-year, while 30,469 live chats were requested, up 31.5%. The caseload from has increased from 115 to a whopping 3,526.
Over the course of the year, 21,019 calls were focused on data protection, a 15% increase from 2017, with most people concerned about subject access (39%), the disclosure of data (16%), its accuracy (11%) and securing the right to prevent processing (9%).
On the data breach front, the number of self-reported cases is also on the up. Some 3,172 incidents were reported to the ICO over the course of 2017/18, a 29.6% increase. The majority of these cases did not result in a fine, although healthcare is proving to be the most under fire sector in the UK, accounting for 36% of the incidents.
In total the ICO issued £4,788,000 in fines over the past 12 months, including 26 penalties totalling £3.28m for breaches of the Privacy in Electronic Communications Regulations (PECR), and 11 fines totalling £1.29m for serious security failures under the Data Protection Act 1998.
Denham described the fact that the regulator has managed to close more cases than last year as "truly impressive" and claimed that "the same staff working on cases have also had to upskill their knowledge to take account of legislative changes and provide in-house training to new starters at the ICO".
She added: "The ability of our staff to handle this increased workload demonstrates our ability to adjust and expand to increased demand for our regulatory services. This should reassure UK citizens that the ICO will be up to the challenge of handling their concerns well into the future even if caseloads rise as our projections indicate.
"This is an important time for privacy rights. A new legal framework in our immediate future, increased public interest in their data protection and access rights.
"Transparency and accountability must be paramount, otherwise it will be impossible to build trust in the way that personal information is obtained, used and shared online."
Thank you for your input
Thank you for your feedback
DataIQ is a trading name of IQ Data Group Limited
10 York Road, London, SE1 7ND
Phone: +44 020 3821 5665
Registered in England: 9900834
Copyright © IQ Data Group Limited 2024