Feeds

Child porn control goes too far, says privacy chief

Seize card, not whole account

Remote control for virtualized desktops

The Information Commissioner advised the Home Office against a key measure of its recent Data Protection Act amendment giving banks the power to administer an account without the knowledge of the account holders.

The measure has been put in place to prevent the re-use of payment cards to purchase child pornography and is explicitly limited only to that situation. Though the Information Commissioner's office mostly backs the change, it believes that it goes too far in one key respect.

"We were not persuaded that the part about administering the account was necessary," a spokeswoman for the Information Commissioner said. The Commissioner was consulted by the Home Office on the draft of the Home Secretary's Order amending the Act.

The draft Order says: "The processing of information about a criminal conviction or caution for an offence listed in paragraph (3) relating to an indecent photograph or pseudo-photograph of a child is necessary for the purpose of administering an account relating to the payment card used in the commission of the offence or for cancelling that payment card."

"We think it would have been enough to confiscate the card," said the spokeswoman, who confirmed that this would leave a person with an account but without the physical card that went with it.

The term "payment card" in the legislation refers to credit cards and to debit cards, so the "account" mentioned could be a full bank account, and not just a credit card account.

The measure has been established to prevent the use of credit cards to purchase child pornography at the request of payments body APACS. An APACS spokeswoman said the information could only go to the issuer of a card used for an offence. "There is nothing to stop that person going to another bank for another card," she said.

See:

Copyright © 2006, OUT-LAW.com

OUT-LAW.COM is part of international law firm Pinsent Masons.

Beginner's guide to SSL certificates

Whitepapers

Designing and building an open ITOA architecture
Learn about a new IT data taxonomy defined by the four data sources of IT visibility: wire, machine, agent, and synthetic data sets.
Why CIOs should rethink endpoint data protection in the age of mobility
Assessing trends in data protection, specifically with respect to mobile devices, BYOD, and remote employees.
Getting started with customer-focused identity management
Learn why identity is a fundamental requirement to digital growth, and how without it there is no way to identify and engage customers in a meaningful way.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Security and trust: The backbone of doing business over the internet
Explores the current state of website security and the contributions Symantec is making to help organizations protect critical data and build trust with customers.