LONDON (AFP) — Significant breaches of data security due to recklessness or impropriety should be made a criminal offence, a committee of MPs said Thursday.
In a report, the Commons justice committee said it had found widespread and systemic failings in the government's handling of sensitive data, in a review following the loss of 25 million people's personal details by HM Revenue and Customs.
The MPs warned that more cases would come to light involving the loss of personal data.
"The scale of the data loss by government bodies and contractors is truly shocking but the evidence we have had points to further hidden problems," said Alan Beith the committee's Liberal Democrat chairman.
"It is frankly incredible, for example, that the measures HMRC has put in place were not already standard procedure," he added.
The report urged Prime Minister Gordon Brown to push through plans to provide Information Commissioner Richard Thomas with powers to carry out unannounced spot checks on procedures in firms and Whitehall departments.
"There is currently no criminal offence of a data controller (such as a private business or a government department) intentionally or recklessly disclosing personal information," the MPs wrote.
"Furthermore, the current criminal offences only cover individuals and non-Governmental bodies or organisations; Government departments or agencies cannot be held criminally responsible for data protection breaches," they said.
Millions of households were alerted in November to possible fraudulent use of personal information after the HMRC lost two unencrypted discs containing details of their children's names, their addresses, dates of birth and National Insurance and bank details.
Copyright © 2009 AFP. All rights reserved. More »
