MPs’ calls for criminal penalties to tackle personal data security leaks are “missing the point”, a privacy campaign group has warned.
The Commons justice committee called for new laws making significant security breaches – where they are reckless or repeated – a criminal offence in a report on its snap inquiry called in the wake of the HM Revenue and Customs data loss fiasco.
The MPs echoed similar calls for criminal sanctions made by information commissioner Richard Thomas. The data watchdog has urged the Ministry of Justice to target both individuals and organisations that are “grossly negligent” with personal data.
But the NO2ID group, which campaigns against the government’s ID cards and data sharing plans, said such penalties were “missing the point” and warned that the MoJ was the government department charged with facilitating the expansion of data-sharing across the public sector – an expansion that ministers have argued would improve delivery of public services.
Phil Booth, NO2ID's national coordinator, said: “The Justice committee is mistaken. More of the same, failing approach cannot work. Information commissioners cannot be everywhere unless they are comparable in numbers to those they oversee. It isn’t going to happen.
“Punishments for data leaks, however harsh, will make no difference to either idiots or criminals. A fraudster or a stalker set on abusing a person is hardly likely to worry about penalties for abusing records. Once information is out, the damage is done.”
The “real problem” was mass data collection and sharing by bureaucracies, he said. “That goes most of all for the ultimate centralisation of the ID cards database, which is designed to provide an index to all government information. The cult of information sharing has to be stopped or nothing is private any more.”