ICO: Upgrades must protect privacy
Look before you leak, organisations told
The Information Commissioner's Office is urging organisations to consider the impact on privacy before developing new IT or changing methods of handling personal data.
The call came as the ICO published the latest version of its privacy impact assessment handbook. The handbook aims to help organisations address the risks to personal privacy before implementing new initiatives and technologies.
Jonathan Bamford, assistant information commissioner, said: "For the public to have trust in an organisation, individuals must be confident that their information is held securely and processed in line with the Data Protection Principles.
"Each time someone gives away their personal information this not only puts the data at risk, they can leave a footprint creating a detailed picture of aspects of their daily lives. Therefore, it is essential that before introducing new systems and technologies, which could accelerate the growth of a surveillance society, full consideration is given to the impact on individuals and that safeguards are in place to minimise intrusion."
After the data breach at HM Revenue and Customs in November 2007, the Cabinet Office introduced a mandatory procedure for all central government departments and their agencies to adopt privacy impact assessments when they develop new systems.
Bamford described privacy impact assessments as a common sense approach to help organisations develop privacy friendly ways of working.
This article was originally published at Kable.
Kable's GC weekly is a free email newsletter covering the latest news and analysis of public sector technology. To register click here.
Heh, "Must protect privacy"
Tell that to wannabe uber data mining 'la la la I can't hear you' egotards like the team behind the Firefox extension we used to lovingly call 'Foxmarks'.
No warnings, no cautions when installing Xmarks. Oh, and if you upgrade an existing Foxmarks to Xmarks, you're happily, silently, opted in as well. Suuuure, you can opt out. After the fact. What, you opted out of our service, but we'll still use your data because we never fully confirmed *everything* will be deleted did we now? we just said something so you'd be quiet. Thanks for helping us start up our business though. Now go away, I must count my money.
ICO on the Cutting Edge
The. Closing. Horse. Bolted. Stable. Shut. After. Door. Has. The.
Are companies and indivudals not *required* to ensure only the most essential personal data is held and access limited.
Webwise Discover - where is the PIA
Good point from the ICO.
I wonder where the PIA is for the new Phorm vapourware widget, Webwise Discover? There are a number of new privacy implications around the operation of this new "search engine/targeted browsing preferences" implementation linked to the existing Webwise DPI interception and profiling, and I have seen NO privacy discussion of the technology nor any clear technical explanation of how it works. Surely Phorm didn't forget to do the PIA did they? After all, they only managed a "late stage implementation model" on the original Webwise, so surely they will have done a PROPER PIA on the new "beta" product - if it actually exists.