Feeds

Graham: ICO will blow £3m on IT services

Plus: 'Web-snoop law can't be honey-pot for anyone'

The Power of One Infographic

Infosec 2012 The UK's Information Commissioner's Office is looking to spend around £3m on its IT, with an invitation for tenders expected at the end of next month.

Information commissioner Christopher Graham told vendors at Infosec during his keynote speech that the ICO hoped to publish its procurement notice in the Official Journal of the European Union, seeking a vendor to provide his office with IT services.

Graham said the office would be spending about 20 per cent of its £15m budget on IT.

The commissioner also said that the ICO had handed out 14 civil monetary penalties (CMPs) for data protection breaches in the 18 months since he was given the power to do so.

Graham was keen to prove that the ICO wasn't just a toothless watchdog, but the fact that the majority of the penalties had gone to local authorities and other public bodies raised questions about the office's authority in the private sector.

However, Graham said that public bodies simply had more personal data than businesses so their breaches were often more serious. The penalties were only meant to be used when there had been a serious breach and if the offenders quickly fixed the problem and put in policies to make sure it would never happen again, they may not be fined, he said.

Data protection breaches were also taken more seriously by the ICO when the data controller wasn't up to scratch or the business hadn't taken steps to ensure their staff handled private information carefully.

He cited the example of one local authority where child protection papers were faxed off to the wrong place.

"[The authority] said that all the policies were in place, everybody was trained, it was all fine, nothing to see here," he said.

"But my people said, "Certainly not, this could happen again tomorrow".

"It happened that afternoon, exactly the same stupid faxing error and that's one of the reasons why a CMP was appropriate."

The commissioner was also asked by an Infosec attendee what he thought of the proposed web-snoop law and how that fit in with his mandate to protect people's privacy .

"You're referring to something that's called the Communications Capability Directive. We believe there's going to be something in the Queen's speech, whether it's going to be a bill or a draft, I don't know," he said.

"I would prefer to wait and see what's in the bill, but... I think if you're going to justify this invasion of privacy, you've got to make your case for it and you've got to mitigate any threats by showing that you've got limitations in place... and safeguards to make sure this honey-pot is not accessed by just anyone." ®

Maximizing your infrastructure through virtualization

More from The Register

next story
Sit back down, Julian Assange™, you're not going anywhere just yet
Swedish court refuses to withdraw arrest warrant
UK Parliament rubber-stamps EMERGENCY data grab 'n' keep bill
Just 49 MPs oppose Drip's rushed timetable
MPs wave through Blighty's 'EMERGENCY' surveillance laws
Only 49 politcos voted against DRIP bill
EU's top data cops to meet Google, Microsoft et al over 'right to be forgotten'
Plan to hammer out 'coherent' guidelines. Good luck chaps!
Delaware pair nabbed for getting saucy atop Mexican eatery
Burrito meets soft taco in alleged rooftop romp outrage
British cops cuff 660 suspected paedophiles
Arrests people allegedly accessing child abuse images online
LightSquared backer sues FCC over spectrum shindy
Why, we might as well have been buying AIR
prev story

Whitepapers

Top three mobile application threats
Prevent sensitive data leakage over insecure channels or stolen mobile devices.
The Essential Guide to IT Transformation
ServiceNow discusses three IT transformations that can help CIO's automate IT services to transform IT and the enterprise.
Mobile application security vulnerability report
The alarming realities regarding the sheer number of applications vulnerable to attack, and the most common and easily addressable vulnerability errors.
How modern custom applications can spur business growth
Learn how to create, deploy and manage custom applications without consuming or expanding the need for scarce, expensive IT resources.
Consolidation: the foundation for IT and business transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.