Out-Law Analysis 1 min. read
26 Nov 2007, 3:56 pm
By Dr Chris Pounder
Discussion is no longer confined to aficionados at group get-togethers; for a few exciting days data protection and security has been headline news and the topic on everyone's lips. And so it should be. Our privacy is important and organisations which process our personal data have to show them respect.
The fallout from this event will continue for some time: more powers for the Information Commissioner, more penalties for transgressors, more bad press for HMRC (and possibly HMG and other public bodies) and, hopefully, higher status for those who toil at the data protection coal-face.
Those data protection officers who are asked by senior managers, "What are the penalties under the Act?", now have a ready answer: "It’s the wrong question. Look at HMRC. No one is fined. No one is prosecuted. The senior manager lost his job. But the real damage is the undermining of public trust in the whole enterprise".
Indeed, in this particular case, a whole spectrum of public sector data processing could now be at risk as some large government projects, built around large, centralised indexes and databases, might not attract the degree of public confidence that they need to succeed. And note that it supposedly took just one junior employee to cause all the current problems.
There are important lessons to be learnt from this episode but we must also be alert to the dangers. This society depends on its personal data processing for it to function and, in many circumstances, data sharing is essential for our society to work. Such processing needs the trust of the public – and once trust is lost, it can be difficult to recover. So, enjoy basking in the daylight and possibly those feelings of Schadenfreude for the moment. But remember, when the pieces eventually settle, it will be our jobs to pick up them up and regain that trust.
