Disaster recovery Toolkit

Brown grants data spot-check powers to the ICO

Kablenet.com

Published: 22 Nov 2007 11:31 GMT

Gordon Brown has announced that the Information Commissioner's Office will have the power to carry out data-protection spot checks on government departments.

Brown announced the new powers during prime minister's questions on 21 November, 2007, as the government attempts to win back public confidence lost in the wake of the Revenue & Customs data failure.

Brown told MPs that he had ordered the Cabinet Secretary to undertake a review of data safety in government and would give the information commissioner the power to spot check government departments to ensure data is safe.

The government has been slow to act in this area. It has continuously turned a blind eye to pressure from the Information Commissioner's Office (ICO) to arm it with greater powers to audit and inspect organisations on data-protection issues without first having to get their consent.

Welcoming the prime minister's announcement, information commissioner Richard Thomas said it was essential that his office was properly resourced to carry out this new function.

Read this

Leader: Trust in government tech lost on two CDs

The government has not only lost 25m confidential records — it may also have lost whatever faith the public still had in its ability to safeguard their data…

"It is also important that the law is changed to make security breaches of this magnitude a criminal offence," said Thomas. "At the moment I can take limited enforcement action, but making this a criminal offence would serve as a strong deterrent and would send a very strong signal that it is completely unacceptable to be cavalier with people's personal information.

"Such a change will enable us to prosecute organisations where appropriate. The law needs to be changed urgently so that people's personal details are properly protected.

Research published by the ICO earlier this month highlighted that nine out of 10 people are concerned that organisations do not handle their personal information properly. The study also showed that people rated the protection of their personal information as the second-most important social issue, ahead of the environment and the NHS.

"The onus is now on every organisation to take privacy far more seriously," warned Thomas. "Alarm bells must ring in every boardroom. Data-protection safeguards must be technically robust and idiot proof."