In a recent paper, the ICO has welcomed proposals outlined by national governments within the EU to restrict the cases where organisations would be required to notify data protection authorities and consumers of data breaches under the proposed Data Protection Regulation.

Under the current proposal, organisations would be required to notify data protection authorities of personal data breaches which are “likely to result in a high risk for the rights and freedoms of individuals.”

The ICO has expressed their concern that the current proposals will encourage a number of “trivial or inconsequential data breaches” to be notified to the ICO.

ICO paper (PDF)