This site uses cookies. By continuing to browse this site you are agreeing to our use of cookies. Find out more.X

Former information commissioner claims that data protection has not kept up with technology

Share this article:
Former information commissioner claims that data protection has not kept up with technology
Former information commissioner claims that data protection has not kept up with technology

Technology and data storage developments have left the data protection regulatory model outdated.

In a recent SC Magazine webcast, the question was asked whether data protection was keeping up with the evolution of technology. An answer given by former information commissioner Richard Thomas was a simple ‘no'.

Thomas, who served as information commissioner between 2002 and 2009 and now works on several government bodies and is a consultant at law firm Hunton & Williams, said that when he started there was not internet access at the office and this changed in the time he was there.

“There were so many developments, we saw Google come on the scene and we saw Facebook and huge changes in technology and the cost has come down and the capacity to store data has enlarged massively, so there are dramatic changes in technology and in business models that go with that,” he said.

“The law has not kept pace. I made myself a bit of a reputation during the last three or four years of my time as information commissioner saying that the 1994 European directive that governs European law at the moment and which underlies the UK's 1998 act was not fit for purpose and it was a mainframe directive that didn't accommodate the modern world at all.”

Thomas also said that he had likened it to the way things were done in Germany in the 1960s and 1970s, and that it needed to be reviewed. “Even though the laws are supposed to be technology neutral, I am not sure that they are, or have kept pace,” he said.

Commenting, Jonathan Armstrong, partner at law firm Duane Morris, said that it was a ‘yes and no' to the answer from him, as it has kept pace with general principles that have kept up with changes in legislation but some aspects are looking tired.

He picked out that the concept of processor and controller had changed, especially with cloud and outsourcing, and with the new changes in the draft, he said "it will tire more easily".

Share this article:

SC webcasts on demand

This is how to secure data in the cloud


Exclusive video webcast & Q&A sponsored by Vormetric


As enterprises look to take advantage of the cloud, they need to understand the importance of safeguarding their confidential and sensitive data in cloud environments. With the appropriate security safeguards, such as fine-grained access policies, a move to the cloud is as, or more, secure than an on-premise data storage.


View the webcast here to find out more

More in News

State-sponsored attacks expected to get worse

State-sponsored attacks expected to get worse

A loss of confidence in perimeter defence has led many infosec professionals to question the ability of their organisation to withstand Advanced Persistent Threats (APTs).

Xen hypervisor found wanting on security

Xen hypervisor found wanting on security

The Xen hypervisor - an open source project that forms the basis of a wide range of virtualised servers - has been found to be vulnerable to a new attack ...

Shellshock vulnerabilities exploited in the wild

Shellshock vulnerabilities exploited in the wild

Linux: open source software is highly pervasive making the Shellshock vulnerability potentially more serious than Heartbleed.