New UK data protection law ‘urgently needed’

Security experts called for an urgent review of the law following the loss of the personal information of 25 million Britons by HM Revenue & Customs.

Most damning, they said, was the apparent revelation that the data lost was not encrypted but merely password protected.

“A criminal could break into these files in a matter of minutes,” Simon Davies, a senior visiting fellow at the London School of Economics who specialises in data security, said.

One senior executive at a high street bank called the breach a “fiasco”. He said: “You would never see a bank send data in the slapdash way HMRC did. To say we are disappointed is an understatement”.  Mr Davies called the incident “the final straw and the latest in a long line of fundamental errors at HMRC”.

He called for new legislation that would require bodies that lose information to inform members of the public who are placed at risk.

The Data Protection Act currently does not require companies to notify either the Information Commissioner’s Office or those affected by the loss of data.

In September, a House of Lords committee repeated calls for a data-breach notification law following a report that detailed the findings of an enquiry into internet security.

Figures at the Metropolitan Police and the Information Commissioner’s Office, in part responsible for upholding the DPA, have cautiously supported new measures though they have voiced concerns over who would police them.

Models for legislation would be likely to include California, where organisations are required to inform individuals immediately once they are aware of a loss of data.

Dr Gus Hosein of Privacy International, a non-government body that advocates for data protection laws, said that the UK is “the bad boy in the western world when it comes to data protection. It is the furthest behind”.

He said the UK trails far behind companies such as Germany and Canada on the issue while 34 of America’s 50 states have legislation in place.

 For more see Financial Times Online.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: