Feeds

Privacy groups demand one commissioner to rule them all

How many privacy commishes do we really need?

High performance access to file storage

The UK needs a single privacy commissioner, and not the tangle of officials it is creating to police the area, an alliance of pressure groups claimed yesterday.

Terri Dowty, Director of Action on Rights for Children (ARCH), warned of the uncoordinated and ineffective proliferation of commissioners now operating in this area. Dowty made the call on behalf of a number of other campaign groups, including Privacy International, Genewatch UK and NO2ID.

The call came in a statement broadly welcoming of government proposals to cut back on its predecessor's over-bearing regulation of everyday life, Dowty expressed concern that the Protection of Freedoms Bill, which received its second reading in Parliament this week, proposes the establishment of two new commissioners for biometrics and CCTV. This would expand the number of commissioners responsible for privacy and surveillance from three to five.

However, Dowty said: "[this] will not necessarily lead to greater protection for the public and may even fracture the protection that already exists.

She went on: "The only way of providing meaningful oversight of freedom and privacy is to bring all of these commissioners into a single privacy commission".

Over the last few years, the UK has invested heavily in "Commissioners", with individuals bearing that title employed to look after areas as diverse as Children, Traffic and Immigration Services. We already have:

  • An Information Commissioner, responsible for promoting and enforcing compliance with the Data Protection Act 1998
  • An Interception of Communications Commissioner created by s57 Regulation of Investigatory Powers Act 2000, whose duties include the oversight (but not the investigation) of those who issue warrants and the procedures of those acting under warrants
  • A Chief Surveillance Commissioner with similarly limited powers, charged with keeping under review the operation of the powers and duties of directed and covert surveillance under RIPA.

The Repeal Bill proposes adding two more Commissioners whose remit would broadly cover issues of privacy. Clause 34 of the Bill would establish a Surveillance Camera Commissioner, responsible for advising the Home Secretary on the drawing up of a code of practice (on the use of surveillance cameras) "encouraging" compliance with the code and reviewing its operation.

Clause 20 would establish a Biometrics Commissioner, whose role would be limited to reviewing any national security determinations made under existing terrorism legislation or under Clause 9 of the Bill, and with the power to order the destruction of biometric material if it cannot lawfully be retained.

A spokesman for the Home Office told us that such rationalisation was not being proposed, because the areas covered by each Commissioner and the powers granted to each were wholly different. This response also implied a certain lack of joined-up thinking on the part of government, as they suggested that since some of these roles fell under the Ministry of Justice, some under the Home Office, a single view on the subject of Commissioner rationalisation was not possible.

However, according to those in favour of rationalisation, this is simply rhetoric disguising some very real flaws in current proposals.

First, as ARCH points out, there is already overlap of powers (on CCTV, for instance), leading to confusion as to which Commissioner is responsible for particular fields and also the creation of gaps that no single Commissioner feels empowered to cover.

Second, the proliferation of Commissioners has costs attached - and while these may not be massive (of the order of £2m for an "ordinary" Commissioner, and £17m for the Information Commissioner) there are clearly savings to be made.

Finally, by limiting the powers of individual Commissioners to such narrow areas, the government is failing to future-proof its Freedoms Bill and instead is creating an inevitable requirement for future Commissioners to be created in response to new threats to privacy, such as RFID, or additional obligations set by EU directives.

Is government really opposed to the idea of a Privacy Commissioner? Or is it possible, as Dowty suggests, that the idea just hasn't occurred to them? ®

High performance access to file storage

More from The Register

next story
Android engineer: We DIDN'T copy Apple OR follow Samsung's orders
Veep testifies for Samsung during Apple patent trial
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
Big Content goes after Kim Dotcom
Six studios sling sueballs at dead download destination
Alphadex fires back at British Gas with overcharging allegation
Brit colo outfit says it paid for 347KVA, has been charged for 1940KVA
Jack the RIPA: Blighty cops ignore law, retain innocents' comms data
Prime minister: Nothing to see here, go about your business
Singapore decides 'three strikes' laws are too intrusive
When even a prurient island nation thinks an idea is dodgy it has problems
Banks slap Olympus with £160 MEEELLION lawsuit
Scandal hit camera maker just can't shake off its past
France bans managers from contacting workers outside business hours
«Email? Mais non ... il est plus tard que six heures du soir!»
Reprieve for Weev: Court disowns AT&T hacker's conviction
Appeals court strikes down landmark sentence
US taxman blows Win XP deadline, must now spend millions on custom support
Gov't IT likened to 'a Model T with a lot of things on top of it'
prev story

Whitepapers

Mainstay ROI - Does application security pay?
In this whitepaper learn how you and your enterprise might benefit from better software security.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Mobile application security study
Download this report to see the alarming realities regarding the sheer number of applications vulnerable to attack, as well as the most common and easily addressable vulnerability errors.