Information Commissioner "can't prevent next data loss fiasco"

 

Gallery

By Matthew Sparkes

Posted on 5 Dec 2007 at 14:13

The Information Commissioner has warned that his department doesn't have the power to prevent another child database fiasco from occurring.

Speaking to the House of Commons Justice Committee, the Information Commissioner, Richard Thomas, claimed: "We have been dissatisfied for a long time. We are a regulator with very limited powers of inspection."

"We do have the power to inspect certain international organisations, but we do not have the power to inspect any public, private or voluntary sector organisation inside the UK. That is essentially the change in the law that we have been seeking."

He went on to say that he was hoping that an amendment to the Data Protection Act would grant him these powers in the near future. Some security experts believe that the true danger from data loss lies elsewhere, though.

"It is important to point out that while there was massive data loss at HMRC, the real issue is that data thieves continue to steal, or 'phorage', data from online sites with impunity," says Simon Church, vice president of VeriSign.

He believes that the real danger is in the public willingly handing out data on insecure e-commerce and social networking sites, rather than large data losses that are due simply to "clumsiness".

Pieces of information freely given out to various sites can be pieced together to create a body of data that can be dangerous, he says. "Non-sensitive information married together can become very sensitive."

"If you look at the ID card scheme, you could place extra factors there to protect online transactions," says Church. However, he refused to comment on whether VeriSign would be in favour of a Government ID card scheme.