In his 2007 annual report, the Information Commissioner Richard Thomas has denounced the high number of security lapses by "banks, retailers, government departments, public bodies and other organisations."
The Commissioner goes on to say, "My message to those at the top of organisations is to respect the privacy of individuals and the integrity of the information held about them, to embrace data protection positively and to be sure you are not the business or political leader who failed to take information seriously."
The comments follow lapses over the past year by companies such as Orange, Barclays and NatWest; it is clear however that they are a just a few of many guilty companies. It is thought that of the 24,000 enquiries received by his office (the ICO), 35% of them were likely breaches. The ICO has prosecuted 16 individuals and organisations in the last year, and two parliamentary enquiries have been initiated following a request from the Commissioner for a debate on Britain's 'surveillance society.'
A total of 12 high street banks have been found culpable of leaving clients' details in publicly accessible bins over the last year. But for Thomas, this isn't enough: he is seeking to extend the ICO's powers to be able to audit and inspect companies as soon as they are suspected of breaching the Data Protection Act (currently this can only be done with permission). According to a Ministry of Justice spokeswoman however, the Commissioner "already has adequate powers" and has also received additional funding over the last two years.
Overall, internet firms received the most complaints (13%), raising fresh fears over the safety of personal information on the internet. Google, who once stated that they kept customer information "indefinitely," have bowed to pressure and now keep personal data for no longer than 18 months. Likewise, Facebook and other social networking sites are increasingly being encouraged to clarify their privacy policies amidst fears that information on "profile pages" is being distributed to third parties. After internet companies, 12% of complaints were about banks, 10% about marketing organisations and 7% about telecoms companies.
Mr Thomas finished his speech by saying, "…too much private information held by the state or by commercial organisations can be unhealthy, and is dangerous if organisations do not handle it with the utmost care." It is clear that Thomas sees data protection as a crucial part of the 21st Century, but with the emergence of the age of information, he has a tough job on his hands.