U.K. mulls prison sentences for data misuse

The maximum penalty for data misuse is set to become two years’ imprisonment, if new government plans come into effect.

The plan, which is now open to consultation, marks a toughening of the government’s stance on the issue, for which there is currently a maximum penalty of a £5,000 fine. The penalty relates to individuals found guilty in a court of law to obtaining, disclosing, or selling personal data, in a reckless and unlawful manner.

For those found guilty in a Crown Court, the maximum sentence will be two years in prison, and the maximum for Magistrates’ Court cases is 12 months. The courts will also be able to impose tougher fines or community sentences.

More from IT World Canada – Instant messaging accelerates data theft

The public consultation is open until 7 January 2010.

Last year, a British naval officer landed in hot water after he lost a laptop containing personal information on about 600,000 people.

Earlier this year, a report by U.K.-based security vendor that 88,000 FTP credentials, including those of Symantec and McAfee, were stolen by a Trojan, illustrated that enterprise data security is often neglected.

Michael Wills, justice minister, said that the reckless misuse of personal data was a “serious criminal offence”, and that the threat of prison sentences “would act as a strong deterrent”.

“We have been monitoring this illegal trade closely with the help of the Information Commissioner and as there is a great deal of concern about the protection of personal data we think the time has now come to consider a more robust penalty.”

The government insisted it did not want to restrict the freedom of the press. It will look at introducing additional measures to protect journalists obtaining information “in the public interest”, it said.

The Information Commissioner’s Office welcomed the news. A spokesperson said that the current fines were “paltry” and the penalty needed to be made tougher.

Jamie Cowper, EMEA marketing director at data encryption supplier PGP Corporation, added that the existing penalties acted as “no deterrent to professional data thieves who can potentially make ten to twenty times more than this by selling their ill gotten gains to the highest bidder”.

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada

Featured Download

Featured Articles

Cybersecurity in 2024: Priorities and challenges for Canadian organizations 

By Derek Manky As predictions for 2024 point to the continued expansion...

Survey shows generative AI is a top priority for Canadian corporate leaders.

Leaders are devoting significant budget to generative AI for 2024 Canadian corporate...

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now