UK govt rules out data breach notification law

By Tom Espiner, ZDNet UK
Thursday, November 27, 2008 12:21 PM

The U.K. government has announced that it will not be implementing a data breach notification law.

Following a recommendation by information commissioner Richard Thomas in July, the government announced in a report on Tuesday that it will not introduce a compulsory data breach notification law for private-sector organizations.

"After considering the analysis of the experience of the U.S. in the area of data-breach notification legislation, the government is not intending to implement similar legislation to that in operation in the U.S.," states the Response to the Data Sharing Review Report (PDF).

It is already mandatory for public-sector organizations to report any significant actual or potential losses of data to the Information Commissioner's Office (ICO). Private-sector organizations should report data breaches "as a matter of good practice", states the report, and the ICO should take into account of any lack of reporting by a private-sector organization in its enforcement action.

Fines for companies that are found in breach of data protection laws are to be raised, stated the report. The U.K. Ministry of Justice is working with the ICO to determine the level of the maximum fine.

Merlin, Earl of Erroll, told ZDNet Asia's sister site ZDNet UK on Wednesday that a data breach notification law would have both advantages and disadvantages.

"It's like the curate's egg--good in parts," said Errol. "Notification is inherently a good idea because it allows the government to get a handle on the scale of the problem. The danger is that it opens up opportunities for phishing, as people send out letters saying: 'Your details have been compromised, please confirm your data.'"

Errol said that the government should reconsider mandatory data breach notification, and added that the European Parliament was also considering a data breach law.

"Europe is looking at it hard and, if they bring in a law, then the government will have no choice but to accept," Erroll said.


WORTHWHILE?

0

0 votes
Blog

Talkback 0 comments

There are currently no comments for this post.


Tech Jobs Now!

Search for your ideal tech job:

News from Countries/Region

Common ways IT wastes money on development

Web Development

Examples include using developers as support staff and failing to calculate a project's ROI before giving it the go-ahead.


Read more »



  • Enterprise 2.0

    Vince Casarez, vice president of product management at Oracle, explains how Web 2.0 technologies, such as tags, wikis, and mash-ups, can be applied within an organization.
    Play video


  • Nehalem Architecture

    What makes next-generation Intel® Microarchitecture (Nehalem) such a superior successor?
    Play video

 
Free the untapped potential of your IT infrastructure
Reduce bottlenecks to drive the efficiency and productivity of Business IT.
» Ultimate virtualization blade
» Scalable SAN solution
» Accelerate service delivery
On demand CRM goes strategic
CRM technology has come of age, and is now able to align with your customer strategy and grow in step with your business.

» Learn more about Oracle’s CRM Solutions



Could this be the most critical budget for India?

Blog thumbnail

For business journalists in India, budget time is excitement time. It's like sports journos covering the Olympics. As a newspaper correspondent, I too had my fill of budget-time excitement. But..... by Swati Prasad

Read more »

Tags

  1. attack
  2. bank
  3. blog
  4. data security
  5. e - mail
  6. hacking
  7. internet
  8. malware
  9. microsoft corp.
  10. network
  11. network security
  12. pc security
  13. researcher
  14. security
  15. security management
  16. software
  17. spam and phishing
  18. u.s.
  19. viruses and worms
  20. web