A report by members of parliament on the Justice Committee has called for more severe penalties, including custodial sentences, to be imposed on those found guilty of breaching the Data Protection Act.
The committee found that the current fines issued for such breaches were an insufficient deterrent to those who wished to profit from breaking the law.
However, since then, it has fined a number of organisations for breaches, including Ealing and Hounslow councils, who were fined £80,000 and £70,000 respectively for losing unencrypted laptops; and Surrey County Council, which was fined £120,000 for three breaches of the act, including sending personal data to taxi firms and people on a council mailing list.
Sir Alan Beith MP, the chair of the Justice Committee said, “Fines are used to punish breaches of data protection laws, but they provide little deterrent when the financial gain exceeds the penalty.”
He continued, “Magistrates and judges need to be able to hand out custodial sentences when serious misuses of personal information come to light. Parliament has provided that power, but Ministers have not yet brought it into force – they must do so.”
The committee also approved of the government’s commitment to ban referral fees, believing that they created a financial incentive to break the law. The committee cited the case of a nurse who passed on patient details to her partner who worked for an accident management company, but was only fined £150 per offence, despite being paid £900 for every referral.
The committee also called on the Information Commissioner to receive more powers to compel audits of companies. Currently, the ICO offers free data protection audits, but a significant percentage of companies have declined this offer.
It also recommends the ICO becomes directly responsible to, and funded by, parliament, saying that the issue of referral fees may have been tackled sooner if it had been given such powers sooner.
The Information Commissioner Christopher Graham welcomed the committee’s findings, “The Government should lose no more time in bringing in appropriate deterrent sentences to combat the unlawful trade in personal data.”
“We need action, not more words. Citizens are being denied the protection they are entitled to expect from the Data Protection Act.”
Targetting AWS, Microsoft? British competition regulator soon to announce “behavioural” remedies for cloud sector
Move to Elon Musk rival. Former senior executive at X joins Sam Altman's venture formerly…
Bitcoin price rises towards $100,000, amid investor optimism of friendlier US regulatory landscape under Donald…
Judge Kaplan praises former FTX CTO Gary Wang for his co-operation against Sam Bankman-Fried during…
Explore the future of work with the Silicon In Focus Podcast. Discover how AI is…
Executive hits out at the DoJ's “staggering proposal” to force Google to sell off its…