Procurement · 13 January 2016

ICO: Cyber criminals should receive stronger sentencing

ICO: UK courts should be given greater powers to deliver stronger sentences to cyber criminals
The Information Commissioner’s Office (ICO) the government body responsible for the enforcement of the Data Protection Act has issued a statement calling for more serious punishments for cyber criminals.

In response to a perceived disconnect between the actions of cyber thieves and the punishments they receive, the ICO said that UK courts should be given greater powers to deliver stronger sentences to people who steal and share the personal details of others online.

The information commissioner Christopher Graham said that the fines being given to cyber criminals currently did not go far enough and were not enough of a deterrent.

the fines that courts are issuing at the moment just don’t do enough to discourage would-be data thieves.

wed like to see the courts given more options: suspended sentences, community service, and even prison in the most serious cases, he said.

Prosecuting under the Data Protection Act, the ICO is limited to issuing fines for cyber crime. The secretary of state’s office has the power to to alter the penalty for an offence of unlawful obtaining data under the act, which could givejudges greater sentencing powers, including prison terms.

Director of cyber crime and prevention at online data protection firm 8MAN, Esther George, said that because these actions have not yet been taken, it is no surprise that cyber crime continues to rise. Only with tougher penalties will we deter cyber criminals, he said.

For George, greater education within firms is necessary for understanding how best to handle cyber crime, as companies wrongly presume that all cases of data theft should be reported to the ICO. The Crown Prosecution Service (CPS) is, in some instances, better able to investigate and issue more appropriate sentencing.

many organisations presume that if data is lost that the ICO should be informed, which then runs its own investigation and prosecute. This means that the police and CPS arent even aware or are able to impose tougher sanctions.



Fred Heritage was previously deputy editor at Business Advice. He has a BA in politics and international relations from the University of Kent and an MA in international conflict from Kings College London.