Information Commissioner needs more power

ICO should be given more power to help battle data security breaches, according to speakers at a Westminster eForum event in London today.

Give the Information Commissioner's Office (ICO) more power to hold companies and the public sector accountable for data security breaches, speakers at a Westminster eForum event said today.

Earlier this week, the Information Commissioner Richard Thomas called the number of companies and public organisations which have had serious security lapses "frankly horrifying." In London today, representatives from government, industry and academia called for better protection of individual's data - and more power for the ICO, the government body charged with protecting people's privacy in the digital age.

Advertisement - Article continues below

"We don't appear to be taking seriously as a society this information leakage," said Dr Simon Moores, the vice chairman of the Conservative Technology Forum.

An assistant commissioner from the ICO said the body believed it was time to take action. "When do start to do something about this instead of just having the debates?" asked Jonathan Bamford.

The speakers called for a bigger role for the ICO, with consultant Dr Ian Forbes saying the body needed "more elbows and a lot more power."

Currently, the information commissioner must ask permission from an organisation before looking into its data control and security arrangements. "The recalcitrant ones who don't want us there, there's something they don't want us to find," said Bamford.

Advertisement
Advertisement - Article continues below

Speakers representing industry also called for better guidance from the government. "There should be far more safeguards for industry to focus on," said David Theriault, business development manager at Ubisense.

Advertisement - Article continues below

Bamford laid out an ICO action plan to help deal with privacy and security issues surrounding private data. It included a new code of conduct for CCTV, an information sharing framework code and increasing the use of privacy impact assessments - all designed offer support and guidance to organisations.

He also highlighted the use of privacy enhancing technologies, calling for security and privacy controls to be built into databases and other technologies at the planning stage, rather than waiting until the end to bolt them on. Government IT contractors should be told to develop privacy and security controls at the specification stage, while the government should be willing to pay a premium for safer systems, Bamford said.

It's not just about securing the data or the IT, but about how people have access to information. "Things go wrong not just because of technology failures, but human failures," Bamford said. He and other speakers called for tougher sentencing and bigger financial penalties for those responsible for data breaches.

Advertisement - Article continues below

The government needs to create a culture of security, one speaker said. "Security is not a process, not a group of products, it's a state of mind," said Nigel Hopgood, the head of corporate governance at Sun Microsystems.

Philip Virgo, the secretary general of industry parliamentary group EURIM, said deciding responsibility for security breaches is easier in the private sector than the public sector. In the former, it comes down to who to sue, while in the latter, politics comes into play. But accepting responsibility for errors is key to gaining public trust - especially for highly-criticised projects such as the identity card scheme. "Trust is earned by those who accept responsibility even when things go wrong," said Virgo.

Featured Resources

Staying ahead of the game in the world of data

Create successful marketing campaigns by understanding your customers better

Download now

Remote working 2020: Advantages and challenges

Discover how to overcome remote working challenges

Download now

Keep your data available with snapshot technology

Synology’s solution to your data protection problem

Download now

After the lockdown - reinventing the way your business works

Your guide to ensuring business continuity, no matter the crisis

Download now
Advertisement
Advertisement

Most Popular

How to find RAM speed, size and type
Laptops

How to find RAM speed, size and type

3 Aug 2020
How to use Chromecast without Wi-Fi
Mobile

How to use Chromecast without Wi-Fi

4 Aug 2020
UN report points to a 350% rise in phishing websites at start of 2020
phishing

UN report points to a 350% rise in phishing websites at start of 2020

7 Aug 2020