But beware the bogeyman and the ID card...
By Steve Ranger
Published: 6 February 2008 12:49 GMT
Some parts of Whitehall have finally realised what silicon.com has known for some time - that UK law is not strong enough to protect the public from lazy organisations that recklessly lose their personal details.
Seven months after we launched our Full Disclosure campaign calling for a rethink of legislation in this area, the Information Commissioner's Office (ICO) is now asking that knowingly or recklessly breaching the Data Protection Act should be made a criminal offence.
It's great news - and a significant boost for our campaign, which has been supported by many in the IT industry. Campaigning journalism is an important part of silicon.com's identity, and so it is fantastic to see the government moving in the direction we've been advocating.
But it has taken a mountain of lost CDs and stolen laptops for even this - modest - move to come about.
And it doesn't go far enough.
I think the data protection framework should move closer to the model used by a number of US states, including California. There, the law says consumers have to be told if their sensitive personal details are exposed. In contrast, we in the UK might never find out if a company we do business with has lost a laptop full of our personal information.
There's a broader context to our campaign - it's about creating a proper legal framework for one of the most precious commodities of the 21st century - your identity.
This government has, it seems, little interest in this issue. Unless, of course, it sees identity fraudsters as useful bogeymen to scare us into agreeing to one of its most controversial projects.
For years the government has been telling us that it is so worried about the menace of identity fraud that it wants to spend £5bn on identity cards that will apparently protect us.
Yet strangely it has ignored calls to tighten up on data protection in the public and private sector, even though that would have an immediate impact on fraud.
If the government is as worried about identity fraud as it claims, it should give the Information Commissioner's Office more teeth and more muscle, and look at new ways of protecting our information
If nothing happens, then next time the government starts talking about ID fraud and ID cards, you might want to ask what and who it is really trying to protect.
Editor's Blog: Less data equals more privacy
Video Cheat Sheet: Data Breaches Editor's Blog: Lords above! Editor's Blog: Another blow to identity fraudsters Cheat Sheet: Encryption Q&A: Bruce Schneier, CTO of BT Counterpane Leader: Why security threats don't have to be taxing
Leader: How to put out the fires of ID fraudBack to Full Disclosure Special Report
Super comms database ditched for next year?
Bye-bye big brother
'No lost memory sticks' shocker for gov't dept
It had to happen sooner or later
CEOs told - take responsibility for 'toxic' data
Information Commissioner: "it's time for the penny to drop"
Data breach at Virgin prompts encryption order
3,000 details lost on CD…
Lost data total nears 30 million records
Missing laptops, USB sticks and CDs take their toll
Stories from around the web...
London revealed as hot spot for online credit card fraud News.com
Researchers: Cyberattacks outstripping defences ZDNet.co.uk
Honesty the best online policy bbc.co.uk
Why small online fraudsters get away with it The Guardian
Copyright © 2008 CBS Interactive Limited. All rights reserved. Top of page
RSS Feeds