If you weren’t sure if the UK’s Information Commissioner’s Office (ICO), the data protection regulator, wasn’t prepared to flex its muscles, its first two fines for data breaches amounting to a combined almost £300 million should persuade you otherwise.