• current Practice recommendations published on ICO website (s48): 0
  • Information notices published on ICO website (s51): 0
  • current Enforcement notices published on the ICO website (s52): 0
  • Certificates of non-compliance with Decision Notices (s54): 0
  • Use of powers of entry and inspection (s55, Sch 3): 0
  • Prosecutions for altering/blocking/concealing/destroying records with intent to prevent disclosure (s77): 0

Important notes

  • The statistics are based on the latest information that I can easily find, sources are indicated below.
  • I am not simply interested in enforcement action taking place, these figures about enforcement action being seen to be done.
  • Decision notices are excluded because I see these as ruling on whether or not a public authority has complied with the law as oppose to taking firm action to enforce the law. Also the ICO is legally required to issue Decision Notices (subject to certain limited exceptions) – I want to focus on the discretion he is exercising with regard to enforcement.
  • I am happy to accept any additions/corrections/clarifications that the Information Commissioner or any third party sees fit to provide.

Sources

  1. Good practice recommendations: The ICO has committed to publishing all practice recommendations. The latest one I found was one relating to Department of Health from March 2009. These recommendations are not binding as such so I am not particularly interested in searching for ones issued more than three years ago that are not listed on the ICO’s enforcement page.
  2. Information Notices: I checked the Enforcement page, ICO website (accessed 1 June 2013) and conducted other searches.
  3. It is known that the ICO has issued at least one (referred to in: FS50436434) but I could not easily find a copy.

  4. Enforcement notices: “There are currently no freedom of information enforcement notices available on the website.” Enforcement Notices page, ICO website, accessed 1 June 2013. The ICO has issued such notices in the past but my point is that none are regarded as current by the ICO.
  5. Certificates of non-compliance: Email from the ICO’s Assistant Internal Compliance Manager, 25 February 2009. I searched for more recent data but could not find any, in particular I checked the Enforcement page, ICO website (accessed 1 June 2013)
  6. Powers of entry/inspection: I checked the Enforcement page, ICO website (accessed 1 June 2013) and conducted other searches.
  7. Prosecutions: I checked the Enforcement page, ICO website (accessed 1 June 2013) and conducted other searches. The ICO is underfunded has a large backlog of cases which makes it difficult to catch offenders in time to prosecute.

Further note re practice recommendations
“Although a Practice Recommendation is not directly enforceable, a failure to comply with a Practice Recommendation may lead to a failure to comply with the FOIA or EIR. Further, a failure to take account of a Practice Recommendation may lead to an adverse comment in a report to Parliament by the Commissioner.” Source: ICO guidance on practice recommendations.