Government Prodded Over Personal Data Protection

The Equality and Human Rights Commission (EHRC) has charged that the government’s legal framework covering the collection, use and storage of personal data is deeply flawed and is likely to lead to an increasing frequency of data protection breaches, many of them inadvertent.

That’s because the current legal framework means government agencies are often unaware of their obligations and may be unaware when they break data protection laws, according to the EHRC’s new report, “Protecting Information Privacy”.

Accountability

It’s also too difficult for citizens to find out which public or private-sector bodies hold information on them, or to find out whether the data is correct or being handled in the right way, according to the report.

The situation is ripe for more abuses as organisations seek and store increasing amounts of personal information. The new technologies enabling this process might also be exempt from current laws, according to the report. At the moment, for instance, there is no law covering the images captured by CCTV cameras.

The EHRC urged the government to simplify current privacy laws and to oblige government agencies to justify their requests for personal data, to ensure compliance with the Data Protection Act, the Human Rights Act and the Regulation of Investigatory Powers Act.

“The state is holding increasing amounts of information about our lives without us knowing, and without us being able to check that it’s accurate or challenge this effectively,” said EHRC commissioner Geraldien Van Bueren in a statement.

“This needs to change so that any need for personal information has to be clearly justified by the organisation that wants it. The law and regulatory framework needs to be simplified, and in the meantime public authorities need to check what data they have and that it complies with existing laws.”

The European Commission agrees that data protection legislation reform is needed and is working on a comprehensive new framework for data protection across Europe this year.

Reducing fragmentation

Speaking of the upcoming reform of the EU Data Protection Directive in May, EU Justice Commissioner Viviane Reding highlighted the same issue of simplification.

“I want to reduce the current fragmentation of the EU legal framework and further harmonise data protection rules across the EU, while maintaining a high level of data protection,” she said at the time. “I also intend to reduce the administrative burden for businesses. We have to cut all those notification obligations and requirements which are excessively bureaucratic, unnecessary and ineffective. We need to focus on those requirements which enhance legal certainty.”

Reding’s proposals will include holding non-EU organisations responsible for upholding European data privacy laws, meaning companies such as Google, Yahoo and Facebook could be held to account.

Also in May, an opinion document from European Data Protection Supervisor (EDPS) Peter Hustinx was accepted by the Article 29 Working Group, arguing that geo-location data should be considered private. This means that mobile service providers will have to gain the user’s explicit permission to collect or relay location data.

ICO pressure

The ICO has been ramping up the pressure on organisations to protect personal data, and in July warned private businesses that they should be more willing to undergo data protection audits.

The warning came after the Information Commissioner’s Office (ICO) published figures in its annual report which showed that private companies reported the most data security breaches of any sector in 2010/11.

Matthew Broersma

Matt Broersma is a long standing tech freelance, who has worked for Ziff-Davis, ZDnet and other leading publications

Recent Posts

Apple, Google Mobile Ecosystems Should Be Investigated, CMA Told

CMA receives 'provisional recommendation' from independent inquiry that Apple,Google mobile ecosystem needs investigation

4 hours ago

Australia Rejects Elon Musk Claim About Social Media Ban For Under-16s

Government minister flatly rejects Elon Musk's “unsurprising” allegation that Australian government seeks control of Internet…

7 hours ago

Northvolt Files For Bankruptcy Protection In US

Northvolt files for Chapter 11 bankruptcy protection in the United States, and CEO and co-founder…

9 hours ago

UK’s CMA Readies Cloud Sector “Behavioural” Remedies – Report

Targetting AWS, Microsoft? British competition regulator soon to announce “behavioural” remedies for cloud sector

1 day ago

Former Policy Boss At X, Nick Pickles, Joins Sam Altman Venture

Move to Elon Musk rival. Former senior executive at X joins Sam Altman's venture formerly…

1 day ago

Bitcoin Rises Above $96,000 Amid Trump Optimism

Bitcoin price rises towards $100,000, amid investor optimism of friendlier US regulatory landscape under Donald…

1 day ago