follow-up: Data breach officials could be sent to the big house

[security curmudgeon <jericho () attrition org>]

---------- Forwarded message ----------
From: InfoSec News <alerts () infosecnews org>

http://www.theregister.co.uk/2007/12/18/hmrc_crim_penalties/

By Joe Fay
The Register
18th December 2007

Civil servants responsible for the loss of public data could face prison 
sentences in future, instead of a brief period in sackcloth and ashes 
before being shifted into a consultancy role.

In his update on the HMRC data loss to MPs yesterday, Alistair Darling 
said: "There will now also be new sanctions under the Data Protection Act 
for the most serious breaches of its principles.

"These will take account of the need not only to provide high levels of 
data security but also to ensure that sensible data sharing practices can 
be conducted with legal certainty. We will consult early in the New Year 
on how this can best be done."

The Times reports that ministers have accepted that the penalties for 
"gross failures" to protect citizens' details should include criminal 
penalties. These could be as harsh as a two year prison sentence for the 
most serious offenses.

Darling, yesterday, also said that spot check powers introduced in 
Whitehall in the wake of the HMRC data loss would be extended right across 
the public sector.

[..]
_______________________________________________
Dataloss Mailing List (dataloss () attrition org)
http://attrition.org/dataloss

Tenable Network Security offers data leakage and compliance monitoring
solutions for large and small networks. Scan your network and monitor your
traffic to find the data needing protection before it leaks out!
http://www.tenablesecurity.com/products/compliance.shtml