Information commissioner Richard Thomas has launched a thinly veiled attack on Gordon Brown after the prime minister's House of Commons statement today saying he “profoundly regrets” the loss of 25 million personal records.
Brown said, "When mistakes happen in enforcing procedures, we have a duty to do everything we can to protect the public." He dismissed suggestions that the government was complacent about ID theft as “quite ridiculous,” and insisted, “We are taking all the action that is necessary."
However, the information commissioner said in response, “For some time I have been pressing the government to give my Office the power to audit and inspect organisations that process people’s personal information without first having to get their consent. Ultimately this will ensure better compliance with the law and protect people’s data.
“I welcome the prime minister’s announcement today that my staff will be able to spot check government departments. We will work with the ministry of justice to confirm the detail of this announcement. It is essential that we are properly resourced to carry out this new function.
“It is also important that the law is changed to make security breaches of this magnitude a criminal offence.”
Thomas complained about his ability to only take “limited enforcement action” at present.
Making data breaches a criminal offence “would serve as a strong deterrent and would send a very strong signal that it is completely unacceptable to be cavalier with people’s personal information,” he said.
“People also rank protecting personal information as the second most important social issue – ahead of the environment and the NHS,” Thomas added.
“The onus is now on every organisation to take privacy far more seriously. Alarm bells must ring in every boardroom. Data protection safeguards must be technically robust and idiot proof.”