Data protection law change urged

Safeguards in place to protect data relating to individuals in the UK are inadequate and need to be strengthened, a group of MPs has said. After the loss of two discs containing information about 25 million UK citizens and several other breaches of the Data Protection Act were brought to light in recent months, the Justice Committee has made a number of recommendations to parliament on the matter. The Justice Committee, chaired by Liberal Democrat MP Alan Beith, told the house there was a "widespread problem within Government relating to establishing systems for data protection". One of the key recommendations was that the Information Commissioner's Office should have greater powers. Currently, it is not compulsary for government departments or private companies to inform the Information Commissioner about breaches of the Data Protection Act. However, the Justice Committee wants this to be made law, as well as giving the Information Commissioner the power to carry out spot-checks on government departments to assess their security measures. "It is widely accepted that it is necessary to have a substantial increase in the powers given to the Information Commissioner to enable him to review systems for data protection and their application - recent events have underlined the urgency of this," the Justice Committee's report said. The Information Commissioner himself, Richard Thomas, had called for such measures to be introduced in a previous report to the house. And the House of Lords Science and Technology Committee's Personal Internet Security report, issued in August last year, also recommended that the government should consider the effectiveness of the Information Commissioner's Office "in enforcing good standards of data protection across the business community". But at the time the Government rejected the Science and Technology Committee's recommendations, saying the current enforcement regime for data protection was "fit for purpose". However, following the loss of the two discs by the HMRC, the Prime Minister told the house: "We will give the Information Commissioner the power to spot-check [government] departments, to do everything in his power and our power to secure the protection of data." The Justice Committee welcomed this U-turn. "We hope that this change of heart will lead to powers quickly being provided through legislation," the Justice Committee's report said. The Justice Committee also called for those responsible for the exposure of sensitive data, whether intentional or not, to face prosecution, at the recommendation of the Information Commissioner. "The Information Commissioner has called for changes in the law to make significant security breaches — where they are reckless or repeated — a criminal offence." www.parliament.uk www.ico.gov.uk

More news via RSS Post item to Del.icio.us Post item to Digg.com