Information Commissioner slams UK gov’t database plans

LONDON – The Information Commissioner has slammed the U.K. government for creating too many large scale databases, without “sufficient openness, transparency or public debate.”

On a dark day for the government’s data handling, Richard Thomas also simultaneously served enforcement notices on the Revenue and Customs department for its loss of two discs containing 25 million records, and on the Ministry of Defence for losing a laptop containing the details of up to 600,000 recruits.

The news comes days after Thomas called for increased powers and better resources.

Thomas criticised government plans to launch a database of all calls and e-mails made in the U.K. as “a step too far” that would raise serious data protection concerns. When news emerged in May of the planned database, a number of figures in the IT industry told Computerworld UK they felt the move would be a mistake.

He said he understood the need for tracking the communications of terrorist suspects. But at the launch of the ICO’s annual report, he added “there needs to be the fullest public debate about the justification for, and implications of” the database. Thomas said he “welcomed” the Home Affairs Committee’s report that urged the government to stop creating large databases on citizens without first proving they are necessary. “Sadly, there have been too many developments where there has not been sufficient openness, transparency or public debate,” he said.

Meanwhile, Thomas served enforcement notices on HM Revenue & Customs and on the Ministry of Defence. The two government departments will have to provide regular progress reports on their compliance, and any failure to comply with the notice is a criminal offense, the ICO said.

In the enforcement notice on HMRC, Richard Thomas said “the personal data processed on the missing compact discs were excessive for the purpose for which they were processed.” HMRC had also “failed to take appropriate measures to ensure the security of its data,” he said. HMRC now has three years to fully comply with the Poynter Report, he said.

The Ministry of Defence was served an enforcement notice in which Thomas said that, like HMRC, the data stolen was excessive for the medium it was on, and that not enough measures had been taken to ensure security.

The MoD has until 2009 to comply with the recommendations of the Burton Report, and must report to the Information Commissioner every three months on progress.

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada

Featured Download

Featured Articles

Cybersecurity in 2024: Priorities and challenges for Canadian organizations 

By Derek Manky As predictions for 2024 point to the continued expansion...

Survey shows generative AI is a top priority for Canadian corporate leaders.

Leaders are devoting significant budget to generative AI for 2024 Canadian corporate...

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now