NEWS29 August 2018

ICO data complaints spike post-GDPR

Data analytics GDPR News Privacy Technology UK

UK – Complaints to the Information Commissioner’s Office (ICO) about potential data breaches have almost doubled since April, before the General Data Protection Regulation (GDPR) came into effect.


The ICO received 2,165 data protection complaints in April, while the month of May saw a slight increase, with 2,310. Following the implementation of GDPR legislation on 25 May, the regulator received 3,098 complaints in June, and 4,214 in July.

Between 25 May and 3 July, there were 6,281 complaints – an increase of 160% from the 2,417 recorded in the same period in 2017, according to commercial law firm EMW and confirmed by the ICO.

Businesses can be fined up to €20m or 4% of global turnover under GDPR.

An ICO spokesperson said: “It’s early days and we will collate, analyse and publish official statistics in due course. But generally, as anticipated, we have seen a rise in personal data breach reports from organisations. Complaints relating to data protection issues are also up and, as more people become aware of their individual rights, we are expecting the number of complaints to the ICO to increase too.”

James Geary, principal for commercial contracts at EMW, said: “A huge increase in complaints is very worrying for many businesses, considering the scale of the fines that can now be imposed. There are some disgruntled consumers prepared to use the full extent of GDPR that will create a significant workload for businesses.”