Personal data security lapses identified

Summary

This Report ‘Information Commissioner's Office: Annual Report 2006/07’ (HC 646) highlights the various issues that surround freedom of information and personal data security.

For example, there have been over 200,000 requests for information from public authorities, most of them successful, with members of the public the biggest group of users, with information requests covering such areas as, toxic waste, speed cameras, the performance of surgeons and MP's travel expenses.

Another area of concern has been personal information and identity theft, where the purposeful, routine and systematic recording of everyone's movements, activities and transactions in public and private spaces, has led to the notion of a surveillance society. Security lapses in regard of personal information from banks, retailers, government departments and public bodies require organisations to have guaranteed safeguards in place for data protection.

The Information Commissioner received around 24,000 enquiries and complaints about personal data in 2006-07. The Report states that breaches were "likely to have happened" in 35% of these cases.

Found this story interesting?
Spread the news by clicking below to add it to your bookmarking service:

Law-Making Explained

This is a House of Commons Paper (HC 646 2006-07): it is an Annual Report from the Information Commissioner's Office.

Find out more about House of Commons Papers.

How does it affect me?

If your personal data is stored by a business or public sector body - e.g. a high street retailer, a bank or a government agency - or you work for a business or public sector body which collects and/or stores personal data, this affects you.

The Information Commissioner's Office (ICO) is the UK's independent public body set up to promote access to official information and to protect personal information. It enforces the Data Protection Act 1998, the Freedom of Information Act 2000, the Privacy and Electronic Communications Regulations 2003 and the Environmental Information Regulations 2004.

It also provides guidance to organisations and individuals to promote awareness of information rights and obligations. The Commissioner, who reports directly to Parliament, has the power to order compliance, using enforcement and decision notices and prosecution.

Commenting on the Annual Report, Richard Thomas, the Information Commissioner, said "Business and public sector leaders must take their data protection obligations more seriously. The majority of organisations process personal information appropriately – but privacy must be given more priority in every UK boardroom. Organisations that fail to process personal information in line with the Principles of the Data Protection Act not only risk enforcement action by the ICO, they also risk losing the trust of their customers."

The Information Commissioner is seeking greater powers to inspect companies, including the power to ‘spot check’ without being required to obtain permission.