On November 21, 2007, the British Prime Minister announced that he would grant new powers to the UK Data Protection Office (ICO), which will allow for the conducting of unannounced spot checks of government privacy and security procedures. This statement followed the disclosure by the British government of an unprecedented data breach, involving the loss of two computer discs containing the personal data of some 25 million people. ICO will work with the Ministry of Justice to confirm the details of the new powers. Information Commissioner Richard Thomas said he would like the UK data protection law changed to make security breaches of the scope of this data loss a “criminal offense”. Additionally, this would enable the ICO to prosecute organizations in case of serious breaches, which is not the case currently.
The British Prime Minister press briefing from November 21, 2007 is available (in English) at: http://www.number10.govuk/output/page13818.asp
Richard Thomas’s statement is available (in English) at: http://www.ico.gov.uk/upload/documents/pressreleases/2007/personal_details_lost_by_hmrc201107003.pdf