The ICO is now firmly stuck in 'regulatory capture' where it identifies and sympathises with the bodies it is supposed to be overseeing. Insiders who have left the ICO inform me that morale is low among those who joined with a view to making a difference and that those who remain are happy to be jobsworths who can look forward to a good pension after years of so-called public service. Few are legally or commercially qualified and I have been made aware that some staff have left after a couple of years there to set up as 'consultants' to advise companies, local authorities and public sector firms on how to avoid, delay and wear down embarrassing freedom of information requests. It's a thriving industry. I have also been reliably told that the ICO has only one competent section and that is Public Relations who successfully portray the occasional big win in which a company or public body openly admits to a breach of the law. The ratio of cover-ups to honest admissions is apparently somewhere in the region of 20 to 1. Whistle-blowers who try to use the ICO to get criminal activities into the public domain are treated so badly that it has become a worthless and unsafe venture. Too many people have discovered that the ICO is - ironically - not the place to mention serious data breaches and fraud. It can cost you your job and future prospects.
