Friday, 22 October 2010
Businesses cannot ignore data protection and privacy issues as pressure mounts
Towards the end of September, the European Commission referred the UK to the EU Court of Justice for not fully implementing EU rules on the confidentiality of electronic communications such as e-mail or internet browsing
The organisation pointed out that existing UK law governing the confidentiality of electronic communications is in breach of the UK's obligations under the EU's ePrivacy Directive and the Data Protection Directive in a few areas.
The Commission also proposed a regulation to strengthen and modernise the European Network and Information Security Agency (ENISA). Under its mandate, ENISA would engage EU member states and private sector stakeholders in joint activities across Europe, such as cyber security exercises, public private partnerships for network resilience, economic analyses and risk assessment and awareness campaigns.
Following this UK's data protection watchdog- ICO (Information Commissioner's Office) along with the Ministry of Justice (MoJ) has agreed that there needs to be a common sense and modern day approach to data protection.
The law needs to provide more clarity for individuals and for businesses. In particular the privacy watchdog wants more clarity on the scope of the law including what constitutes personal data, ICO noted.
This heightened sense of data protection was echoed by academics too. Amid intense information protection concerns, the Oxford University Press has launched International Data Privacy Law (IDPL), an international journal covering law relating to data protection and privacy.
The journal focuses on all aspects of privacy and data protection, including data processing at a company level, international data transfers, civil liberties issues (e.g., government surveillance), technology issues relating to privacy, international security breaches, and conflicts between US privacy rules and European data protection law.
However, there is a wide disparity between how regulators and academics approach data protection and how businesses approach them. The regulators have a cautious approach looking at ways to improve privacy of personal data and secure public confidence. While a series of data loss incidents, (latest one being the ACS Law issue) mark the attitude of corporate entities.
These are huge issues for multinational organisations. They are faced with double whammy. In addition to stricter regulation to fit the digital age, organisations, especially the public sector ones, are under immense pressure to follow open data policies. This is part of the government's open data revolution to make themselves more transparent and accountable and offer data to people for re-use.
Business must get their house in order soon before one-off data loss stories snowball into huge unmanageable legal issue for the sector because then it will only take longer to regain confidence, convince more people to get online and to build a secured yet connected UK digital economy.
Subscribe to:
Posts (Atom)