Data watchdog needs to give business clear guidelines on data security & compliance, says Pinsent Masons

24 Jan 2013 | 05:12 pm | 1 min. read

Marc Dautlich, data protection law specialist at Pinsent Masons, comments on Sony's £250,000 fine by Britain’s data watchdog over a cyber attack breach that compromised the personal information of millions of PlayStation users. The Information Commissioner's Office (ICO) issued the penalty after it found the attack on the Sony PlayStation Network in April 2011 could have been prevented:

"Organisations need to be given guidance on what technical measures can be said to constitute an appropriate standard of security for the purposes of compliance with the Data Protection Act (DPA).

"The Sony appeal could be extremely interesting as it may provide an insight into what the ICO considers to be an appropriate standard of security that organisations have to have in place, particularly as it is a case involving a company in the private sector.

"Organisations are increasingly subject to malicious attacks and clarity from the ICO is needed about just how good security needs to be to meet the requirements of the DPA.

"This is an important issue at the moment, but it will come even more into focus if all organisations are mandatorily obliged to report data breach incidents as would be the case if proposed reforms to EU data protection laws are introduced as currently drafted.

"In our experience it is also very often the case that security incidents go hand-in-hand with a finding that organisations are holding too much personal data. This case should highlight the need for firms to concentrate on their retention policies and give the issue sufficient attention."

-Ends-

Notes to Editors:

Under the Data Protection Act (DPA) organisations must take "appropriate technical and organisational measures ... against unauthorised or unlawful processing of personal data and against accidental loss or destruction of, or damage to, personal data".

The Act also requires organisations to ensure that the personal data they hold is "adequate, relevant and not excessive in relation to the purpose or purposes for which they are processed".

For further information please contact:
Arti Mohan, PR Advisor
Tel: 020 7418 7106
Email: [email protected]

Latest press releases

Show me all press releases

Pinsent Masons launches online tool to spot future home-working related litigation for financial services firms

Multinational law firm Pinsent Masons has launched a new working-from home audit tool to help financial services organisations understand the hidden litigation and regulatory risks associated with staff increasingly working from home on a more permanent basis.

Pinsent Masons advises Seraphine Group PLC on its £150m main market IPO

Multinational law firm Pinsent Masons is advising Seraphine Group plc, an international digitally-led maternity and nursing wear, on its IPO and premium listing on the main market of the London Stock Exchange.

Pinsent Masons agrees MOU with Nepal International ADR Center

Multinational law firm Pinsent Masons has today signed a memorandum of understanding (MOU) with Nepal International ADR Center (NIAC), commencing an important collaborative relationship seeking to enhance NIAC’s international arbitration capabilities.

People who viewed this press release also viewed

Show me all press releases

Pinsent Masons unveils FY21 year end results

Multinational law firm Pinsent Masons has announced its FY21 year end results, reporting against last year’s metrics as the firm advances its strategy to become a purpose-led, professional services business with law at the core.

Pinsent Masons to cut absolute global carbon emissions by at least 50%

Multinational law firm Pinsent Masons has unveiled targets to cut absolute carbon emissions by a minimum of 50% by 2030, as it continues to reduce its environmental impact and support clients in tackling the climate crisis.

Pinsent Masons advises City of Munich on its success over organisers of "Oktoberfest goes Dubai"

Multinational law firm Pinsent Masons has successfully obtained a preliminary injunction in favour of the City of Munich against the organisers of an “Oktoberfest” event planned in the United Arab Emirates.

For all media enquiries, including arranging an interview with one of our spokespeople, please contact the press office on

+44 (0)20 7418 8199 or 

Location contacts