The UK Information Commissioner’s Office (“ICO”) has recently issued a fine of £180,000 to Instant Cash Loans Ltd for failing to keep customers’ personal data secure. The breaches occurred as the result of firstly a server being stolen and secondly another server being lost while being transported between the company’s offices. The ICO decision cited the company’s failure to encrypt the employee and customer personal data it held on the lost servers as well as a failure to keep the servers in a secure room overnight. The decision and the level of the fine exemplify the trends in recent years of more strict enforcement of data protection laws together with an increasing likelihood of large fines being imposed for breaches of data protection laws. These trends emphasise the increasing importance of compliance with UK and EU data protection rules.