The new powers awarded to the Information Commissioner
recently have been well trailed by the government for more than a year. Indeed,
they were trotted out as a response every time the government suffered another
data loss, as if a more powerful
commissioner would be some sort of panacea. It won’t.
I am often asked why I think government data losses not
exactly scintillating stories have become the stuff of headlines.
The answer is threefold.
First, HM Revenue & Customs (HMRC). The loss of 25
million child benefit records was a huge blow for the government and undermined
Gordon Brown’s carefully crafted image as a safe pair of hands. If the hands are
not safe, and their owner was presiding over an increasingly authoritarian
government, this was a worrying chain of events.
The media love a narrative in the vein of “recent event
illustrates larger problem” and here they have a story that will run and
run.
Second, ID cards. However much the government tries to bill
this initiative as a new type of passport, the public remain unconvinced.
The ID card scheme is stuck between a rock and a hard place.
ID cards play into the left-wing media’s concerns over the erosion of civil
liberties and the right-wing media’s concerns over a growing nanny state. The
success of the Conservatives in linking every data loss story to the theoretical
vulnerability of the National Identity Register has added grist to the mill.
Which brings us to the third reason: David Davis. By making
opposition to the growing “database state” a tenet of his
by-election campaign the former shadow home secretary helped keep data loss in
the headlines.
One result of all this media attention is the profile of the
Information Commissioner. Current incumbent Richard Thomas found himself thrust
into the limelight and after years of calling for stronger powers he now has
them.
Opinions are mixed on Thomas’s reign. He comes from a legal
background in a field that is becoming increasingly dominated by technology.
Recently his office has suffered a huge backlog of cases as well as staffing
problems, with many of the commission’s lawyers leaving.
But nobody could claim that data protection has not risen up
the news agenda under Thomas’s stewardship.
However, his yet-to-be-appointed successor, due to take over
in June 2009, will have a different job to the one Thomas inherited. The job
will be more politicised, it will become the object of more media focus, and the
new commissioner will be expected to keep government use of personal information
in check.
Whoever is appointed must be up to speed with technology
many think somebody from an IT background would be suitable.
But just how much will the Information Commissioner’s powers
help solve the government data loss problem?
Changing the culture of government will be no mean feat,
especially at a time when technology is enabling more information sharing. Even
though the fines that can be levied have increased, they are still a token
gesture. What really matters is the adverse publicity of a data breach.
The national media is far more attuned to incidents of data
loss than ever before, so the Information Commissioner can make an enormous
splash through a carefully timed press release. And that means political
paymasters will be keeping a gimlet-eyed lookout on the commissioner’s
activities.
Instead of struggling to raise the profile of data
protection, as Richard Thomas had to do, it seems more likely that the next
commissioner will face more of a challenge keeping some distance from
politicians from all sides.
By Tom Young
Recent Comments