BrochuresCartoon

COURSES (ISEB/BCS)
follow link for detail

Data Protection Training

London
Starts Nov 17th

Leeds
Starts Oct. 15th

Edinburgh
Starts Nov 3rd

FOI Training
London
Starts Oct 23rd

Information Security Management Training (CISMP)
London
Starts Dec. 1st

Training/Update/Events
Update: October 27th
EU Regulation: Dec 16th
PIA: Dec 8th
DP Audit: Dec 9th

Amberhawk

« Protection of Freedoms Bill promotes efficient CCTV surveillance not effective privacy | Main | ICO evidence identifies data protection concerns over Freedoms Bill »

21/02/2011

TrackBack

TrackBack URL for this entry:
http://www.typepad.com/services/trackback/6a0115709c6f9d970b014e86346546970d

Listed below are links to weblogs that reference European Commission explains why UK’s Data Protection Act is deficient:

Comments

Feed You can follow this conversation by subscribing to the comment feed for this post.

It seems to me the problem we have in the UK isn't so much the failure of the data protection legislation, as a failure of the regulator to employ any of the enforcement powers they already have... particulary against large organisations like BT and Google.

The recent ACS:Law case is a striking example of how weak the enforcement of UK Data Protection is.

Data alleging that hundreds of BT/Plusnet subscribers had illegally shared pornographic videos was leaked to the world at large, after BT ignored a court order instructing them to encrypt the information and convey it on physical media to ACS:Law. It is hard to imagine a more shocking example of a failure to protect acutely sensitive personal information from inappropriate disclosure.

Yet - despite having the expertise, the technology,and the resources required to comply with the court order - BT face no sanction from the ICO of any kind. None at all.

The ICO refused to investigate, because they consider BT's failure to be an internal disciplinary matter.

BT have form. The ICO also refused to investigate or take enforcement action against BT after 200,000 UK internet subscribers were subjected to covert profiling using technology supplied by Phorm.

As a result the UK Government are also subject to a separate infraction process relating to the privacy/security/integrity of telecommunications data...

http://europa.eu/rapid/pressReleasesAction.do?reference=IP/10/1215&format=HTML&aged=0&language=EN&guiLanguage=en

Changing the wording or technical details of UK legislation isn't going to solve the problem with data protection in the UK until the ICO are reformed, preferably with new personnel.

It seems to me the problem we have in the UK isnt so much the failure of the data protection legislation, as a failure of the regulator to employ any of the enforcement powers they already have... particulary against large organisations like BT and Google.

The recent ACS:Law case is a striking example of how weak the enforcement of UK Data Protection is.

Data alleging that hundreds of BT/Plusnet subscribers had illegally shared pornographic videos was leaked to the world at large, after BT ignored a court order instructing them to encrypt the information and convey it on physical media to ACS:Law. It is hard to imagine a more shocking example of a failure to protect acutely sensitive personal information from inappropriate disclosure.

Yet - despite having the expertise, the technology,and the resources required to comply with the court order - BT face no sanction from the ICO of any kind. None at all.

The ICO refused to investigate, because they consider BTs failure to be an internal disciplinary matter.

BT have form. The ICO also refused to investigate or take enforcement action against BT after 200,000 UK internet subscribers were subjected to covert profiling using technology supplied by Phorm.

As a result the UK Government are also subject to a separate infraction process relating to the privacy/security/integrity of telecommunications data...

http://europa.eu/rapid/pressReleasesAction.do?reference=IP/10/1215format=HTMLaged=0language=ENguiLanguage=en

Changing the wording or technical details of UK legislation isnt going to solve the problem with data protection in the UK until the ICO are reformed, preferably with new personnel.
+1

The comments to this entry are closed.

All materials on this website are the copyright of Amberhawk Training Limited, except where otherwise stated. If you want to use the information on the blog, all we ask is that you do so in an attributable manner.