Data Protection Bill: Information Commissioner and Enforcement

These parts of the bill concern the function of the Information Commissioner and her powers of enforcement


Information Commissioner and Enforcement Factsheet

This file may not be suitable for users of assistive technology. Request an accessible format.

If you use assistive technology (such as a screen reader) and need a version of this document in a more accessible format, please email Please tell us what format you need. It will help us if you say what assistive technology you use.

Information Commissioner: Data protection reform

Data sharing code of practice


The Information Commissioner independently upholds the information rights of citizens in the UK, and is able to enforce sanctions where breaches of regulation occur. These parts of the bill outline the functions of the Information Commissioner in accordance with data protection law, and her powers of enforcement including powers of entry and inspection.

The Bill will:

  • Retain the Information Commissioner as the UK’s independent data protection regulator.
  • Place a duty on data controllers to notify the Commissioner as well as individuals concerned of data breaches that risk affecting individuals’ rights.
  • Increase maximum penalties for regulatory breaches from £500K to £18m.
  • Create new offences to deal with emerging threats.
Published 14 September 2017