July 11, 2007 8:28 AM PDT
U.K. commissioner blames CEOs for data breaches
- Related Stories
Study: Identity theft keeps climbingMarch 6, 2007
U.K. data thieves face two years in prisonFebruary 7, 2007
Banks rated for ID theftSeptember 25, 2006
Microsoft wins record amount from spammerSeptember 13, 2006
British ID thieves face jail timeJuly 25, 2006
Identity crisis: Myth vs. reality in ID theftOctober 24, 2005
Britain, U.S. talk up spam fightOctober 11, 2004
U.K. spammers elude shutdownApril 16, 2004
"The roll call of banks, retailers, government departments, public bodies and other organizations which have admitted serious security lapses is frankly horrifying," Richard Thomas wrote in a report. "How can laptops holding details of customer accounts be used away from the office without strong encryption? How can millions of store card transactions fall into the wrong hands?"
The Information Commissioner's Office (ICO) received almost 24,000 inquiries and complaints concerning personal information, and it prosecuted 16 individuals and organizations in the past 12 months, according to its annual report for 2006 and 2007.
"My message to those at the top of organizations is to respect the privacy of individuals and the integrity of the information held about them, to embrace data protection positively, and to be sure you are not the business or political leader who failed to take information rights seriously," Thomas said.
More than half of Data Protection Act cases required the ICO to simply provide advice and guidance, while a breach was likely to have happened in more than a third of cases, of which a further 77 percent resulted in remedial actions such as correcting an individual's record or training staff.
The ICO received almost 6,000 complaints under the Freedom of Information Act and has closed more than three-fourths of those.
Public awareness of data protection rights has increased to 82 percent, with more people understanding that personal information must be handled appropriately, according to the report.
The information commissioner's plea follows a number of security breaches over the last year, including 12 U.K. banks found to be in breach of the Data Protection Act, following complaints about the disposal of customer information.
U.K. bank Barclays is facing an ICO investigation over allegations of customer privacy breaches, and telecommunications provider Orange and retailer Littlewoods were also found to be in breach of the Data Protection Act by the ICO this year.
Gemma Simpson of
1 commentJoin the conversation! Add your comment