This site uses cookies. By continuing to browse this site you are agreeing to our use of cookies. Find out more.X

Watchdog: 'No to US-style data laws'

Share this article:
US-style personal data breach notification is not a workable model for the UK, the UK's information watchdog told RSA delegates.

In a keynote address, Information Commissioner Richard Thomas said: “I am not convinced by legislation that requires companies to individually warn the public if their details have been compromised. The severity and circumstances of each breach merit a different response, and mandatory notification doesn't take this into account. It would be a significant additional burden for businesses, and could cause public 'breach fatigue'".

California introduced a compulsory notification law that has often been held up as a desirable standard in breach notification legislation. Thomas also called for CEOs and public sector bosses to shape up and take responsibility for personal data, rather than expecting IT departments to deal with the issue.

“Data protection has come in from the cold, and there is a pressing need for awarreness right at the top. Permanent secretaries and CEOs must be certain that responsibility for data is clear, and they must be certain who has responsibility for each set of data”, said Thomas.

“This responsibility rests with the whole organisation, from board downwards. Information is a toxic liability if not handled correctly.”

Thomas also welcomed recent promises from the Secretary of State Jacqui Smith that proposals for a giant government database of all telecoms and internet traffic would receive a public consultation before being put before parliament. “I feel reasured that this debate is going to take place”, he said.
Share this article:
close

Next Article in News

SC webcasts on demand

This is how to secure data in the cloud


Exclusive video webcast & Q&A sponsored by Vormetric


As enterprises look to take advantage of the cloud, they need to understand the importance of safeguarding their confidential and sensitive data in cloud environments. With the appropriate security safeguards, such as fine-grained access policies, a move to the cloud is as, or more, secure than an on-premise data storage.


View the webcast here to find out more

More in News

Queen's website hosts controversial tracking technique

Queen's website hosts controversial tracking technique

Advertising tracking called 'canvas fingerprinting' is used on many websites and identifies unique individuals and their browsing habits and works surreptitiously.

Could MH17 sanctions push Russia to cyber warfare?

Could MH17 sanctions push Russia to cyber warfare?

A leading cyber security academic has warned the US and European governments that tougher sanctions on Russia relating to the MH17 airplane crash could result in the start of cyber ...

Snowden, Ellsberg ask hackers to help obscure whistleblower activity

Snowden, Ellsberg ask hackers to help obscure whistleblower ...

Crowds of people came out to see Daniel Ellsberg chat with Edward Snowden at HOPE X conference.