A report by members of parliament on the Justice Committee has called for more severe penalties, including custodial sentences, to be imposed on those found guilty of breaching the Data Protection Act.
The committee found that the current fines issued for such breaches were an insufficient deterrent to those who wished to profit from breaking the law.
However, since then, it has fined a number of organisations for breaches, including Ealing and Hounslow councils, who were fined £80,000 and £70,000 respectively for losing unencrypted laptops; and Surrey County Council, which was fined £120,000 for three breaches of the act, including sending personal data to taxi firms and people on a council mailing list.
Sir Alan Beith MP, the chair of the Justice Committee said, “Fines are used to punish breaches of data protection laws, but they provide little deterrent when the financial gain exceeds the penalty.”
He continued, “Magistrates and judges need to be able to hand out custodial sentences when serious misuses of personal information come to light. Parliament has provided that power, but Ministers have not yet brought it into force – they must do so.”
The committee also approved of the government’s commitment to ban referral fees, believing that they created a financial incentive to break the law. The committee cited the case of a nurse who passed on patient details to her partner who worked for an accident management company, but was only fined £150 per offence, despite being paid £900 for every referral.
The committee also called on the Information Commissioner to receive more powers to compel audits of companies. Currently, the ICO offers free data protection audits, but a significant percentage of companies have declined this offer.
It also recommends the ICO becomes directly responsible to, and funded by, parliament, saying that the issue of referral fees may have been tackled sooner if it had been given such powers sooner.
The Information Commissioner Christopher Graham welcomed the committee’s findings, “The Government should lose no more time in bringing in appropriate deterrent sentences to combat the unlawful trade in personal data.”
“We need action, not more words. Citizens are being denied the protection they are entitled to expect from the Data Protection Act.”
Suspended prison sentence for Craig Wright for “flagrant breach” of court order, after his false…
Cash-strapped south American country agrees to sell or discontinue its national Bitcoin wallet after signing…
Google's change will allow advertisers to track customers' digital “fingerprints”, but UK data protection watchdog…
Welcome to Silicon In Focus Podcast: Tech in 2025! Join Steven Webb, UK Chief Technology…
European Commission publishes preliminary instructions to Apple on how to open up iOS to rivals,…
San Francisco jury finds Nima Momeni guilty of second-degree murder of Cash App founder Bob…