There should be tougher penalties, including jail sentences where appropriate, for those who breach data security laws, the UK’s Information Commissioner Christopher Graham told delegates at a recent meeting of the Parliamentary IT Committee (PITCOM).
Citing the case of employees of telecommunications operator T-Mobile who, it is alleged, last year stole and sold on the personal data of thousands of the company’s customers to rival firms, Graham said that if potential offenders were faced with “not just a rather modest fine in a magistrate’s court but the real prospect that this could land them in jail”, it would serve as a more effective deterrent.
However, such preventative measures must be tempered with positive action, Graham said. “Regulation is about enforcement, yes; but it’s also about education, and frankly it’s much easier to be an effective regulator if you start off being an educator.”
There was also an ongoing need to strengthen the link between what had originally been two separate parts of the work of his office: data protection and freedom of information, Graham said. The two now form part of a “seamless web” of information rights, he said. “The ICO can no longer be organised with one team only concerned with data protection and a different team only concerned with freedom of information. That makes it less effective and, incidentally, difficult to manage.”
NOTE: For a full report on the session see the ‘Meeting reports’ section at: http://www.pitcom.org.uk .
NOTE: Article originally published in E-Government Bulletin issue 307.
Click here to visit/return to issue 307 index
