This site uses cookies. By continuing to browse this site you are agreeing to our use of cookies. Find out more.X

Former information commissioner claims that data protection has not kept up with technology

Share this article:
Former information commissioner claims that data protection has not kept up with technology
Former information commissioner claims that data protection has not kept up with technology

Technology and data storage developments have left the data protection regulatory model outdated.

In a recent SC Magazine webcast, the question was asked whether data protection was keeping up with the evolution of technology. An answer given by former information commissioner Richard Thomas was a simple ‘no'.

Thomas, who served as information commissioner between 2002 and 2009 and now works on several government bodies and is a consultant at law firm Hunton & Williams, said that when he started there was not internet access at the office and this changed in the time he was there.

“There were so many developments, we saw Google come on the scene and we saw Facebook and huge changes in technology and the cost has come down and the capacity to store data has enlarged massively, so there are dramatic changes in technology and in business models that go with that,” he said.

“The law has not kept pace. I made myself a bit of a reputation during the last three or four years of my time as information commissioner saying that the 1994 European directive that governs European law at the moment and which underlies the UK's 1998 act was not fit for purpose and it was a mainframe directive that didn't accommodate the modern world at all.”

Thomas also said that he had likened it to the way things were done in Germany in the 1960s and 1970s, and that it needed to be reviewed. “Even though the laws are supposed to be technology neutral, I am not sure that they are, or have kept pace,” he said.

Commenting, Jonathan Armstrong, partner at law firm Duane Morris, said that it was a ‘yes and no' to the answer from him, as it has kept pace with general principles that have kept up with changes in legislation but some aspects are looking tired.

He picked out that the concept of processor and controller had changed, especially with cloud and outsourcing, and with the new changes in the draft, he said "it will tire more easily".

Share this article:

SC webcasts on demand

This is how to secure data in the cloud


Exclusive video webcast & Q&A sponsored by Vormetric


As enterprises look to take advantage of the cloud, they need to understand the importance of safeguarding their confidential and sensitive data in cloud environments. With the appropriate security safeguards, such as fine-grained access policies, a move to the cloud is as, or more, secure than an on-premise data storage.


View the webcast here to find out more

More in News

Hundreds of companies face 2,000 cyber-attacks in EU exercise

Hundreds of companies face 2,000 cyber-attacks in EU ...

The European Network and Information Security Agency (ENISA) conducted a 24-hour cyber-exercise in which more than 200 organisations from 25 EU member states faced virtual cyber-attacks from white hat hackers ...

Cyber security still a learning curve for most companies

Cyber security still a learning curve for most ...

Poor network visibility, outdated security tools, a skills shortage and a lack of control in the cloud are just some of the reasons companies are struggling with cyber-security, say two ...

WorldPay hacker sentenced to 11 years for role in £6 million scheme

WorldPay hacker sentenced to 11 years for role ...

An Estonian man, who helped hack payment processor RBS WorldPay in 2008, has now been sentenced to 11 years in prison for his involvement in the £5.9 (US$ 9.4 million) ...