L67 Response Not Accepted Self-assessed

Sentencing Guidelines for Data Offences

Recommendation

On the basis that the provisions of s77-78 of the Criminal Justice and Immigration Act 2008 are brought into effect, so that increased sentencing powers are available for breaches of s55 of the Data Protection Act 1998, the Secretary of State for Justice should use the power vested in him by s124(1)(a)(i) of the Coroners and Justice Act 2009 to invite the Sentencing Council of England and Wales to prepare guidelines in relation to data protection offences (including computer misuse).

Published Evidence Summary
The following publicly available evidence relates to this recommendation:
According to the Government (27 February 2025), this recommendation was not implemented because the precondition for it was not met. According to the Government (27 February 2025), Sections 77-78 of the Criminal Justice and Immigration Act 2008, which would have provided increased sentencing powers for breaches of the Data Protection Act 1998, were never brought into force. Consequently, there was no basis for the Secretary of State for Justice to invite the Sentencing Council to produce guidelines for data protection offences.
How was this assessed?
Assessed by gemini-2.5-flash on 19 Mar 2026
Checked data held on this site (government responses, progress updates, independent evidence)
External sources searched: www.gov.uk, www.legislation.gov.uk, hansard.parliament.uk
Jurisdiction
UK-wide
Response
Not Accepted
Not Accepted UK Government
29 Nov 2012

This recommendation was not implemented. The government did not formally respond to civil justice recommendations in the Prime Minister's statement of 29 November 2012. Section 40 of the Crime and Courts Act 2013, which would have created a costs incentive mechanism, was enacted but never commenced. On 1 March 2018, the Secretary of State announced that Section 40 would not be commenced and would be repealed. Section 40 was repealed by Section 50 of the Media Act 2024 (Royal Assent 24 May 2024). Source: https://www.gov.uk/government/speeches/leveson-consultation-response

Read Full Response
Note: PM David Cameron responded to all 92 recommendations with a single statement accepting them "in principle" or "in part". No per-recommendation response was published.
Published Evidence

Published assessments of implementation progress from inspectorates, select committees, official progress reports, and other sources. Check the source type badge to see whether each assessment is independent or government self-reported.

Not Implemented
27 Feb 2025
Government Other

The increased sentencing powers under sections 77-78 of the Criminal Justice and Immigration Act 2008 were never brought into force (see L54). Without those powers being activated, there was no basis for the Sentencing Council to produce guidelines. No sentencing guidelines for data protection offences were produced.

View detailed findings

Not implemented. The precondition (bringing s77-78 into force) was never met.

Criminal Justice and Immigration Act 2008 View Source
Source
Inquiry Leveson Inquiry
Report An Inquiry into the Culture, Practices and Ethics of the Press 29 Nov 2012
View Source
Responsible Bodies
UK Government Primary
Themes & Tags
Personal data privacy risks Discriminatory media reporting oversight Criminal Law Sentencing Data Protection Guidelines
Recommendation age 13.3 yrs
Last formal update 4863 days ago