This site uses cookies. By continuing to browse this site you are agreeing to our use of cookies. Find out more.X

Former information commissioner claims that data protection has not kept up with technology

Share this article:
Former information commissioner claims that data protection has not kept up with technology
Former information commissioner claims that data protection has not kept up with technology

Technology and data storage developments have left the data protection regulatory model outdated.

In a recent SC Magazine webcast, the question was asked whether data protection was keeping up with the evolution of technology. An answer given by former information commissioner Richard Thomas was a simple ‘no'.

Thomas, who served as information commissioner between 2002 and 2009 and now works on several government bodies and is a consultant at law firm Hunton & Williams, said that when he started there was not internet access at the office and this changed in the time he was there.

“There were so many developments, we saw Google come on the scene and we saw Facebook and huge changes in technology and the cost has come down and the capacity to store data has enlarged massively, so there are dramatic changes in technology and in business models that go with that,” he said.

“The law has not kept pace. I made myself a bit of a reputation during the last three or four years of my time as information commissioner saying that the 1994 European directive that governs European law at the moment and which underlies the UK's 1998 act was not fit for purpose and it was a mainframe directive that didn't accommodate the modern world at all.”

Thomas also said that he had likened it to the way things were done in Germany in the 1960s and 1970s, and that it needed to be reviewed. “Even though the laws are supposed to be technology neutral, I am not sure that they are, or have kept pace,” he said.

Commenting, Jonathan Armstrong, partner at law firm Duane Morris, said that it was a ‘yes and no' to the answer from him, as it has kept pace with general principles that have kept up with changes in legislation but some aspects are looking tired.

He picked out that the concept of processor and controller had changed, especially with cloud and outsourcing, and with the new changes in the draft, he said "it will tire more easily".

Share this article:

SC webcasts on demand

This is how to secure data in the cloud


Exclusive video webcast & Q&A sponsored by Vormetric


As enterprises look to take advantage of the cloud, they need to understand the importance of safeguarding their confidential and sensitive data in cloud environments. With the appropriate security safeguards, such as fine-grained access policies, a move to the cloud is as, or more, secure than an on-premise data storage.


View the webcast here to find out more

More in News

Sandworm vulnerability seen targeting SCADA-based systems

Sandworm vulnerability seen targeting SCADA-based systems

Hard on the heels of the `Sandworm' spy group revealed by iSIGHT Partners earlier in the week, Trend Micro says its has spotted the zero-day vulnerability of the same name ...

Russian-speaking criminals account for £420m of card fraud annually

Russian-speaking criminals account for £420m of card fraud ...

New research claims to quantify the scale of card fraud in Russian speaking circles. And according to Group-IB's analysis over the last year, that fraud clocks in at a hefty ...

Light-based printer attack overcomes air-gapped computer security

Light-based printer attack overcomes air-gapped computer security

Multi-function printers - a route to bypass air-gapped computer security.