New data protection rules asked by UK MPs
(Dieser Artikel ist auch in deutscher Sprache verfügbar)
The Justice Committee of the UK House of Commons issued on 3 January 2008 a report on public data protection summarising the status and development of the topic, especially since the November 2007 Chancellor's announcement to the Parliament related to the loss of confidential data records of 25 million people by HM Revenue and Customs.
The report that recommends a data breach notification law, criminal penalties for data controllers that are found responsible for breaching security, greater powers and financing for the Information Commissioner's Office, follows the line of the recommendations made by the House of Lords Science and Technology Committee in August 2007 that were rejected at that time by the government.
The present report emphasises the risk involved by large databases that are accessible by many licensed users, making particular reference to ContactPoint, the children's database that will come into being this year and the National Identity Register, also planned to be gathered in 2008. It also draws the attention on the risk related to the obligation to share data with the other EU member states. "If data held by the Government is available for inspection outside the jurisdiction, then the importance of restricting the amount of data held, as well as proper policing of who had access to it, takes on even greater importance." reads the report.
The report recommends that personal data should be held only where there are proper safeguards for the protection of the respective data, which, in the Justice Committee's opinion will become ever more difficult as data can be easily shared within the country as well as between countries.
A greater role in the data protection should be played by the Information Commissioner who should receive adequate support in this sense. "We note that he already considers that his resources are at a minimum" is the report statement.
It also calls for a legal obligation to notify the Commissioner as well as the affected parties on significant data losses and for penalties for those who disclose personal data.
A Ministry of Justice spokeswoman said: "Parliament is currently considering proposals to amend section 60 of the Data Protection Act through the Criminal Justice and Immigration Bill (...) This will provide a custodial sanction as well as the existing fines for those found guilty of unlawfully obtaining or disclosing personal data."
MPs call for tougher data protection regime (3.01.2008)
House of Commons Justice - First Report (3.01.2008)
HMRC loses confidential details of 5 million benefit recipients (20.11.2007)
Government ignores Personal Internet Security (29.10.2007)
Tougher data laws needed, say MPs (3.01.2008)
EDRi-gram: UK government loses personal data on 25 million citizens