This site uses cookies. By continuing to browse this site you are agreeing to our use of cookies. Find out more.X

Watchdog: 'No to US-style data laws'

Share this article:
US-style personal data breach notification is not a workable model for the UK, the UK's information watchdog told RSA delegates.

In a keynote address, Information Commissioner Richard Thomas said: “I am not convinced by legislation that requires companies to individually warn the public if their details have been compromised. The severity and circumstances of each breach merit a different response, and mandatory notification doesn't take this into account. It would be a significant additional burden for businesses, and could cause public 'breach fatigue'".

California introduced a compulsory notification law that has often been held up as a desirable standard in breach notification legislation. Thomas also called for CEOs and public sector bosses to shape up and take responsibility for personal data, rather than expecting IT departments to deal with the issue.

“Data protection has come in from the cold, and there is a pressing need for awarreness right at the top. Permanent secretaries and CEOs must be certain that responsibility for data is clear, and they must be certain who has responsibility for each set of data”, said Thomas.

“This responsibility rests with the whole organisation, from board downwards. Information is a toxic liability if not handled correctly.”

Thomas also welcomed recent promises from the Secretary of State Jacqui Smith that proposals for a giant government database of all telecoms and internet traffic would receive a public consultation before being put before parliament. “I feel reasured that this debate is going to take place”, he said.
Share this article:
close

Next Article in News

SC webcasts on demand

This is how to secure data in the cloud


Exclusive video webcast & Q&A sponsored by Vormetric


As enterprises look to take advantage of the cloud, they need to understand the importance of safeguarding their confidential and sensitive data in cloud environments. With the appropriate security safeguards, such as fine-grained access policies, a move to the cloud is as, or more, secure than an on-premise data storage.


View the webcast here to find out more

More in News

Tor Project unearths attack that identifies users

Tor Project unearths attack that identifies users

Users of The Onion Router (TOR) network have been warned of an attack that could deanonymise them if they used the service from February to July this year.

Hackers tap flaws in Amazon cloud to host DDoS botnets

Hackers tap flaws in Amazon cloud to host ...

Profitable and easy-to-use vulnerability exploited by cybercriminals says security researcher

China allegedly behind attack on Canadian research group

China allegedly behind attack on Canadian research group

One day on from claims that Chinese hacker group 'Comment Crew' was behind the theft of confidential documents on an Israeli missile defense system, the country is also being cited ...