Feeds

Info chief renews call for data breach crime penalties

Brown lets him carry out spot checks

Beginner's guide to SSL certificates

UK Identity Crisis The Prime Minister pledged today to give the Information Commissioner the right to perform spot checks on government departments in the wake of the HMRC ID debacle.

However, Gordon Brown’s statement will do little to placate the ICO, which has demanded it be allowed to launch criminal prosecutions against organisations that play fast and loose with confidential data.

Brown told the Commons today: "I profoundly regret and apologise for the inconvenience and worries that have been caused to millions of families that receive child benefits."

"We have a duty to do everything that we can to protect the public," he added.

Brown defended Whitehall’s record on data protection and its rules, saying the HMRC breach was down to an individual circumventing the regulations. But he conceded that the ICO should be able to carry out spot checks on government departments to audit their data protection procedures. He also said the Cabinet Office would review government procedures. Presumably before the ICO is actually allowed to march into Whitehall departments unannounced.

Richard Thomas, the Information Commissioner, said “I welcome the Prime Minister’s announcement today that my staff will be able to spot check government departments. We will work with the Ministry of Justice to confirm the detail of this announcement.”

But Thomas demanded the government go further, saying “It is also important that the law is changed to make security breaches of this magnitude a criminal offence... making this a criminal offence would serve as a strong deterrent and would send a very strong signal that it is completely unacceptable to be cavalier with people’s personal information.”

Thomas said that according to recent ICO research "people also rank protecting personal information as the second most important social issue – ahead of the environment and the NHS."

That may be a surprise to some. But if it wasn’t true before this week, it could well be true this week.

Public concern will embolden the Conservatives, and other opposition parties, to garner more public support in their efforts to discredit the Labour government’s plan to introduce ID cards.

Tory leader David Cameron described as “weird” and “bizarre” Brown’s contention that the government’s inability to keep the details of almost half the population safe had no bearing on whether it could keep the details of all the population safe.

Cameron even brought a little system analysis to bear, saying the fact a junior employee could access the entire database multiple times was evidence of “systemic failure”.

Certainly systems have been in turmoil at the HMRC – which is just a few years old. The merger of the two predecessor departments – Inland Revenue and Customs – has been followed by wide-ranging job cuts, as civil service unions have been quick to point out.

Perhaps this week’s outcry over the breach will lead to an overhaul of government procedures on handling citizen data. Then, all we’ll have to worry about is whether or not civil servants and politicos, especially those intent on "joined-up government", actually pay any attention next time. ®

Beginner's guide to SSL certificates

Whitepapers

Choosing cloud Backup services
Demystify how you can address your data protection needs in your small- to medium-sized business and select the best online backup service to meet your needs.
Getting started with customer-focused identity management
Learn why identity is a fundamental requirement to digital growth, and how without it there is no way to identify and engage customers in a meaningful way.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Simplify SSL certificate management across the enterprise
Simple steps to take control of SSL across the enterprise, and recommendations for a management platform for full visibility and single-point of control for these Certificates.
Saudi Petroleum chooses Tegile storage solution
A storage solution that addresses company growth and performance for business-critical applications of caseware archive and search along with other key operational systems.