The Information Commissioner’s Office (ICO) has fined the Cabinet Office for breaching Articles 5(1)(f) and 32 of the GDPR.The body published a file on the GOV.UK website containing the names and addresses of more than a thousand people honoured with orders and titles of nobility on the New Year’s List. Many of these are people who hold prominent positions.
The ICO received three complaints from those affected by the breach, the Cabinet Office was contacted by 27 people. The ICO found that the Cabinet Office failed to implement appropriate technical and organisational measures to ensure a level of security appropriate to the risks involved in processing data for the 2020 New Year Honours List. This resulted in a breach of the confidentiality and integrity of personal data protection.