COVID Fraud Enforcement: Impact of the Latest Report on Company and Director Prosecutions
Explore how the Covid Counter Fraud report impacts COVID fraud enforcement and prosecutions against companies and directors.
Read More
If you are facing an ICO investigation or prosecution, it is vital to act quickly and secure the right legal representation.
Our specialist team of data protection solicitors has many years of experience guiding individuals and businesses through complex regulatory challenges. We will work tirelessly to protect your reputation, minimise risk, and achieve the best possible outcome for you and your organisation.
From our offices in Leeds, Sheffield and York, we represent clients across the United Kingdom, offering clear, strategic advice at every stage of an ICO investigation — from the initial enquiry and information notices through to interviews under caution, enforcement action, or court proceedings.
Led by Jeremy Scott, our dedicated Regulatory team is available 24/7 on 07971 520 407 to provide urgent assistance and reassurance when you need it most.
Please call now for a free, no-obligation discussion about your case.
Want to speak to us now? Call us now 07971 520407.
ICO investigations
The Data Protection Act (DPA) creates a number of criminal offences that can only be instituted by the Information Commissioner or with the consent of the Director of Public Prosecutions (DPP). The most relevant DPA offences to consider are:-
ICO investigations
Cases can be heard in either the Magistrates Court or the Crown Court with a maximum sentence in either Court of an unlimited fine.
As the body responsible for enforcing and overseeing the DPA 1998, the ICO enjoys enforcement powers quite separate from the court. The Information Commissioner can impose a fine (up to a maximum of £500,000) for serious contraventions of the DPA 1998.
Some have called for stronger sentencing powers and for breaches of the Act to carry a possible sentence of imprisonment.
However, there already are offences which carry custodial penalties for which those who breach section 55 of the DPA 1998 can be convicted. A person who has breached section 55 could, dependant upon the facts, be prosecuted for:
ICO investigations
If you are facing an investigation or prosecution for an alleged data breach, the early intervention of a specialist solicitor is a must. Our data protection and regulation law team has dealt with many cases where their timely advice and assistance has ensured a much better outcome for the client.
It is often the case that an unrepresented business will say or do things which prejudice the future defence of their case. We will assist from the very beginning of an investigation and avoid this. We will liaise with the regulator to obtain full disclosure. Our experienced team will then provide strong guidance on how to deal with investigations, formal interviews under caution and any subsequent court appearances.
We aim to protect you and your business from the potential negative outcomes of an investigation or prosecution. This can often be critical as the consequences of getting it wrong can include significant financial penalties, damage to the reputation of the business, loss of business and possible prison sentences.
Therefore the stakes are high and we are able to obtain the very best result for a business by carefully managing all aspects of an investigation. When dealing with an investigation, we can often avoid a subsequent prosecution or conviction and the negative consequences of the same. If this is not possible, then we aim to ensure that the most lenient sentence is achieved and that the negative consequences of this are limited.
Directors and other officers of companies who have committed offences, under the DPA 1998, can become liable for prosecution. Where it is shown that a company has committed an offence and it is proved to have been committed with the consent, connivance of, or due to any neglect on the part of a director or other officer, that person will be guilty of the offence in addition to the company itself That person becomes liable to being sentenced personally.
This principle also applies to the members of a company which is managed by its members.
If your organisation becomes aware of a data breach, there are steps that need to be taken.
Previously, there was no mandatory obligation to report breaches to the ICO, and no fixed penalty for not doing so.
Following GDPR coming into force the position on self-reporting changed. Businesses are obliged to self-report without undue delay if they become aware of a serious personal data breach. A breach will be deemed as serious if it is likely to result in a risk to the rights and freedoms of individuals.
At Flint Bishop, we can advise you from the offset as to the best ways to prevent, manage and control data breaches and how to deal with the fallout of any such breach.
Services
Knowledge
Contact Us
Our specialist data protection solicitors are ready to help. With offices in Leeds, Sheffield, and York, Flint Bishop’s experienced team works with clients across the UK.
For fast, confidential guidance on any data protection law issue, contact us today.
Call Jeremy Scott and the Regulatory Team 24/7 on 07971 520 407 for a free, no-obligation discussion.
On Monday 29 September, Flint Bishop successfully completed the acquisition of the entire business of Lupton Fawcett LLP. You have been forwarded to the page most relevant to your visit.
Please feel free to explore our website and learn more about our legal services and professionals, including those who have recently joined us from Lupton Fawcett.