
People Capabilities In this section you can find Services Banking and Finance Banking and Finance overview Asset & Lease Finance Capital Markets Corporate Debt Leveraged Finance Project, Energy and Infrastructure Finance Real Estate Finance Restructuring and Insolvency Securitization and Structured Finance Trade and Export Finance Competition, Trade and Foreign Investment Competition, Trade and Foreign Investment overview Antitrust and Competition Litigation Dawn Raids Foreign Investment and National Security Law International Sanctions and Export Controls International Trade Law Merger Control Procurement and State Aid Construction and Engineering Construction and Engineering overview Construction Disputes Contracts and Procurement EPC Project Advisory Corporate and M&A Corporate and M&A overview Capital Markets Corporate Governance International Corporate Reorganizations Joint Ventures Mergers and Acquisitions Private Equity Venture Capital Corporate Crime Corporate Crime overview Anti-Bribery and Corruption Anti-Money Laundering International Sanctions and Export Controls Regulatory Investigations and Enforcement Data Privacy, Security and Technology Data Privacy, Security and Technology overview Cybersecurity Data Privacy Disruptive Technology Electronic and Mobile Commerce Information Law Product Counseling Regulatory Defense and Litigation Technology Transactions and Sourcing Telecom Services Employment, Labor and Pensions Employment, Labor and Pensions overview Corporate Transactions Cross-Border Employment and Pensions Diversity, Pay and Discrimination Employee Benefits and Executive Compensation Employment Employment Litigation Global Mobility and Immigration Labor and Industrial Relations Pensions and Retirement Plans Pensions Risk Transfer and Management Pensions Scheme Disputes Public Sector Pensions Financial Services Regulation Financial Services Regulation overview Asset Management Crypto Assets Derivatives Funds Financial Services Disputes and Investigations Insurance Insurance overview Captives Insurance and Reinsurance Disputes Insurance and Retirement Products, Insurance Distribution Insurance Financing and Capital Markets Insurance M&A, Reinsurance and Restructuring Insurance Regulation and Compliance Insurance Regulatory Investigations and Enforcement Insurance Taxation Insurtech Pensions Risk Transfer and Management Intellectual Property Intellectual Property overview IP Audits and Assessments IP Litigation IP Transactional Patents Trademarks, Trade Dress and Copyrights Trade Secrets Investigations Investigations overview Antitrust and Competition Investigations Employment Investigations Internal Investigations Konexo Konexo overview Legal Services Interim Resourcing Data and Cyber Consulting Legal Team Consulting Litigation and Dispute Resolution Litigation and Dispute Resolution overview Class Actions Commercial Litigation Construction Disputes Corporate Claims Costs unit Energy Disputes Environmental, Health and Safety Financial Services Disputes and Investigations Fraud Insurance and Reinsurance Disputes International Arbitration Procurement Disputes Product Liability and Product Recall Professional Liability Public Inquiries and Investigations Public International Law Real Estate Disputes Regulatory Investigations and Enforcement Tax Controversy and Litigation Technology and Communications Disputes Real Estate and Planning Real Estate and Planning overview Commercial Development and Leasing Corporate Real Estate Planning and Environmental Planning and Infrastructure Real Estate Disputes Real Estate Finance Living Strategic Contracts Strategic Contracts overview Contract Modernization Outsourcing Strategic Partnerships Tax Tax overview Acquisitions and Restructuring Business Taxation Employee Benefits and Executive Compensation Real Estate Tax Taxation of Financial Transactions and Institutions Tax Controversy and Litigation Transfer Pricing US State and Local Tax VAT/Indirect Taxes Industries Charities and Not for Profit Consumer Consumer overview Food and Beverage Hospitality and Leisure Luxury Retail and Wholesale Education Education overview Further Education Higher Education Schools and Academies Energy Energy overview Clean Energy Energy Regulatory Hydrogen Nuclear Oil and Gas Power Water and Wastewater Financial Services Financial Services overview Corporate and Investment Banking Payments and Fintech Private Capital Retail Banking and Consumer Finance Governments and Infrastructure Governments and Infrastructure overview Governments and Strategic Projects Infrastructure Local Government Parliamentary Public Sector Transportation Industrials Industrials overview Aerospace, Defense and Security Automotive Chemicals Manufacturing and Industrial Engineering Life Sciences and Healthcare Life Sciences and Healthcare overview Agriculture and Medicinal Cannabis and CBD Healthcare Industrial Biotechnology Medical Devices Pharmaceuticals and Biotechnology Research and Development Vaccines Real Estate Real Estate overview Alternative Assets Multi and Single Family Residential Office and Industrial Real Estate Investment Retail and Mixed Use Transport Related Real Estate Sports Technology & Digital Technology & Digital overview Digital Content Digital Infrastructure Technology Resources Insights Client tools Events and training Business topics About About us Firm leadership Purpose and values Responsible business Community Diversity and Inclusion Environmental sustainability Pro bono Reports Alumni News Careers UK Careers Applications Why us? Lawyers and partners Business professionals Students and recent graduates Apprenticeships Students Graduates Recruitment process Events Student and graduate applications Offices United Kingdom Visit global site Select a local version of the site Angola Asia Austria Belgium Bulgaria Czech Republic Estonia Finland France Germany Hungary Iraq Ireland Italy Jordan Latvia Lithuania Luxembourg Mauritius Mozambique Netherlands Poland Portugal Qatar Romania Saudi Arabia Slovakia South Africa Spain Sweden Switzerland Tunisia United Arab Emirates United Kingdom United States Rest of the world en Select language English Regulatory investigations by the UK's ICO Part 3 \| Eversheds Sutherland Home Resources Insights Home Resources Insights Regulatory investigations by the UK's ICO Part 3 Regulatory investigations by the UK's ICO Part 3 Financial penalties July 30, 2024 United Kingdom United Kingdom United Kingdom In March 2024, the Information Commissioner's Office (ICO) issued new guidance on how it fines organizations that breach UK data protection rules in an attempt to provide clarity and transparency. In particular, the guidance focuses on the circumstances in which an organization that breaches the UK’s General Data Protection Regulation (UK GDPR) or the Data Protection Act 2018 (the DPA) will receive a penalty. In Part 3 of this series published in Compliance & Risk by PDP Journals, Liz Fitzsimons and Heather Farrell-Boote explain the impact of the regulator's new fining powers, and how its approach compares to European and US fines. Further reading: Part 1: Regulatory investigations by the UK's ICO: what to expect and how to respond Part 2: Regulatory investigations by the UK’s ICO: procedural steps and preventive measures The materials on the Eversheds Sutherland website are for general information purposes only and do not constitute legal advice. While reasonable care is taken to ensure accuracy, the materials may not reflect the most current legal developments. Eversheds Sutherland disclaims liability for actions taken based on the materials. Always consult a qualified lawyer for specific legal matters. To view the full disclaimer, see our Terms and Conditions or Disclaimer section in the footer. Services Data Privacy Data Privacy, Security and Technology Regulatory Defense and Litigation Key contacts Liz Fitzsimons Partner United Kingdom Heather Farrell-Boote Principal Associate United Kingdom Latest Insights legal updates Cyber Resilience Landscape – An Update to Practical Implementation legal updates The UK Employment Rights Act: zero hours and low hours contract provisions legal updates FS+ Country Updates – May 2026 legal updates UK Real Estate Round Up May 2026 Latest News client news Advising Howden Joinery Group plc on £390m DIY Kitchens acquisition client news Next stop, public ownership: Eversheds Sutherland advises DfT on GTR transition client news A blueprint for growth: Eversheds Sutherland supports Leonard Design Group restructuring and MBO firm news Eversheds Sutherland strengthens restructuring offering with senior partner appointment Latest Events virtual \| June 09, 2026 UK employment law training virtual \| June 10, 2026 Education Webinar - Occupational Stress : Preventing Suffering, Enhancing Wellbeing virtual \| June 16, 2026 Nordic (Denmark, Finland, Norway and Sweden) employment law training virtual \| June 17, 2026 Education Webinar - Equality, diversity and inclusion: current developments and emerging trends for the sector Tabs Label legal updates June 05, 2026 Cyber Resilience Landscape – An Update to Practical Implementation legal updates June 05, 2026 The UK Employment Rights Act: zero hours and low hours contract provisions legal updates June 04, 2026 FS+ Country Updates – May 2026 legal updates June 04, 2026 UK Real Estate Round Up May 2026 Legal notices Terms & conditions Privacy notice Cookies Modern Slavery Whistleblowing ES(I)LLP Members LinkedIn Facebook YouTube Connect Contact us Client login Staff login Subscribe About us About Eversheds Sutherland Purpose and values Responsible business Alumni Insights Client tools Events and training Business topics Careers Offices © Eversheds Sutherland 2026. All rights reserved. Eversheds Sutherland is a provider of legal and other services operating through various separate and distinct legal entities. For further information about these entities and Eversheds Sutherlands' structure please see the Legal Notice page of this website. Eversheds Sutherland is the name and brand under which the members of Eversheds Sutherland Limited (Eversheds Sutherland (International) LLP and Eversheds Sutherland (US) LLP) and their respective controlled, managed and affiliated firms and the members of Eversheds Sutherland (Europe) Limited (each an "Eversheds Sutherland Entity" and together the "Eversheds Sutherland Entities") provide legal or other services to clients around the world. Eversheds Sutherland Entities are constituted and regulated in accordance with relevant local regulatory and legal requirements and operate in accordance with their locally registered names. The use of the name Eversheds Sutherland, is for description purposes only and does not imply that the Eversheds Sutherland Entities are in a partnership or are part of a global LLP. The responsibility for the provision of services to the client is defined in the terms of engagement between the instructed firm and the client. For further information about these Eversheds Sutherland Entities and Eversheds Sutherlands’ structure please see the Legal Notices page of this website. For information on Konexo please also see the Legal Notices page of this website

Regulatory investigations by the UK's ICO Part 3

Financial penalties

July 30, 2024

United Kingdom

In March 2024, the Information Commissioner's Office (ICO) issued new guidance on how it fines organizations that breach UK data protection rules in an attempt to provide clarity and transparency.

In particular, the guidance focuses on the circumstances in which an organization that breaches the UK’s General Data Protection Regulation (UK GDPR) or the Data Protection Act 2018 (the DPA) will receive a penalty.

In Part 3 of this series published in Compliance & Risk by PDP Journals, Liz Fitzsimons and Heather Farrell-Boote explain the impact of the regulator's new fining powers, and how its approach compares to European and US fines.

Latest Insights

legal updates
Cyber Resilience Landscape – An Update to Practical Implementation
legal updates
The UK Employment Rights Act: zero hours and low hours contract provisions
legal updates
FS+ Country Updates – May 2026
legal updates
UK Real Estate Round Up May 2026

Latest News

Latest Events

virtual | June 09, 2026
UK employment law training
virtual | June 10, 2026
Education Webinar - Occupational Stress : Preventing Suffering, Enhancing Wellbeing
virtual | June 16, 2026
Nordic (Denmark, Finland, Norway and Sweden) employment law training
virtual | June 17, 2026
Education Webinar - Equality, diversity and inclusion: current developments and emerging trends for the sector

Tabs Label

legal updates

June 05, 2026

Cyber Resilience Landscape – An Update to Practical Implementation

legal updates

June 05, 2026

The UK Employment Rights Act: zero hours and low hours contract provisions

modern office interior glass ceiling architectural lines corporate building

legal updates

June 04, 2026

FS+ Country Updates – May 2026

Contemporary office buildings courtyard modern architecture glass facade

legal updates

June 04, 2026

UK Real Estate Round Up May 2026

Offices

© Eversheds Sutherland 2026. All rights reserved. Eversheds Sutherland is a provider of legal and other services operating through various separate and distinct legal entities. For further information about these entities and Eversheds Sutherlands' structure please see the Legal Notice page of this website.

Eversheds Sutherland is the name and brand under which the members of Eversheds Sutherland Limited (Eversheds Sutherland (International) LLP and Eversheds Sutherland (US) LLP) and their respective controlled, managed and affiliated firms and the members of Eversheds Sutherland (Europe) Limited (each an "Eversheds Sutherland Entity" and together the "Eversheds Sutherland Entities") provide legal or other services to clients around the world. Eversheds Sutherland Entities are constituted and regulated in accordance with relevant local regulatory and legal requirements and operate in accordance with their locally registered names. The use of the name Eversheds Sutherland, is for description purposes only and does not imply that the Eversheds Sutherland Entities are in a partnership or are part of a global LLP. The responsibility for the provision of services to the client is defined in the terms of engagement between the instructed firm and the client. For further information about these Eversheds Sutherland Entities and Eversheds Sutherlands’ structure please see the Legal Notices page of this website. For information on Konexo please also see the Legal Notices page of this website

Regulatory investigations by the UK's ICO Part 3

Financial penalties

Further reading:

Services

Key contacts

Latest Insights

Latest News

Latest Events