ICO: Public has lost faith in data security
Written by Editor
Research published by the Information Commissioner’s Office (ICO) shows 96% of individuals surveyed are concerned that organisations do not keep their details secure, and a further 60% believe that they have lost control of the way their personal information is collected and processed. The survey suggests that around 80% of people are concerned about protecting their personal information online.
In a move to mark European Data Protection Day, Information Commissioner, Christopher Graham, and Lord McNally, Minister of State at the Ministry of Justice, is urging people to take more care on social networking sites, to think before giving out their personal details online, and to understand what to do when things go wrong.
To help online users understand how to surf safely, the ICO has today relaunched its Personal Information Toolkit which includes tips on how to protect personal details online as well as setting out people’s rights to access and correct the information that is held about them.
Information Commissioner, Christopher Graham, said: “It’s never been more important to protect your personal information…From employers looking up potential employees on Facebook to cyber criminals hacking into unsecured wifi networks, not protecting your personal information can cause serious harm and distress. European Data Protection Day is about motivating people to regain control of their right to privacy. I hope people of all ages across the UK will do just that.”
Minister of State for the Ministry of Justice, Lord McNally, said: “The Data Protection Act has governed how our personal information is handled and used for more than a decade, and the issue of keeping our personal data safe is still as relevant as ever. Technology has come a long way since the 1990s, but with fresh opportunities come fresh risks for our personal information. This is why the Government is working with businesses, charities, consumer groups and the public sector, to look at the law and ensure it continues to protect our personal information well into the 21st century.
“But in addition to our work and that of the ICO, there is a huge amount that people can do to arm themselves against misuse of data, such as identity theft. I would especially encourage people to make use of the ICO’s Personal Information Toolkit, because knowing your rights and knowing the risks really is the best way to protect yourself.”
Commenting on the launch of the PIT, Deloitte privacy expert, Peter Gooch, said: “The past few years have seen significant scrutiny over the way organisations handle personal data, with the ICO’s powers increasing as a result. The increased popularity and use of social media means that individuals must take responsibility for how they distribute and share their own personal information. This toolkit looks to address this issue by putting the onus on the individual as well as organisations and raising awareness of the threats people face.
"At the same time, these concepts should also be applied to individuals in their role as an employee as well as individuals in the context of their personal lives. Organisations have a responsibility to protect the privacy of their staff and customers using technology and process controls and they should train and make their employees aware of the risks they face. The ICO’s toolkit plays a vital role in raising the public’s awareness around the threats to privacy and what should be done to address these.”
The ICO’s full research report is available at: http://www.ico.gov.uk/about_us/research/corporate.aspx
DATA PROTECTION ACT – PRINCIPLES
Anyone who processes personal information must comply with eight principles of the Data Protection Act, which make sure that personal information is:
Fairly and lawfully processed
Processed for limited purposes
Adequate, relevant and not excessive
Accurate and up to date
Not kept for longer than is necessary
Processed in line with your rights
Not transferred to other countries without adequate protection
The Data Protection Act transposes the EU Data Protection Directive (95/46/EC) into UK law. Viviane Reding, Vice-President of the European Commission responsible for Justice, Fundamental Rights and Citizenship, is expected to bring forward a new legislative proposal for data protection in mid 2011.