Data loss CEOs should go to jail


Richard Thomas, head of the Information Commissioner's Office (ICO) in the UK, told Parliament that CEOs should be responsible for the protection of confidential data in their firm's possession, and should face criminal charges in the event of data loss.

This recommendation comes in the wake of recent high-profile data breaches, in particular the loss of unencrypted information on 25 million UK citizens by UK Revenue & Customs (HMRC).

As described on their website, "the ICO is an independent public body and the Ministry of Justice is the ICO’s sponsoring department within Government."

IT Pro News reported:

According to a presentation by Information Commissioner Richard Thomas to the House of Commons' Justice Committee, chief executives would have to certify that companies had safeguards in place to protect personal data.

The Guardian added:

Failure to take care of people's personal information could be punishable by law in future as Thomas argued that "knowingly or recklessly" putting someone at risk due to inadequate data protection should be made a criminal offence.

Data breaches in which personal information is lost have become commonplace, as shown by the news listed in the Forum of Incident Response and Security Teams.

Although government oversight would make those responsible for losses accountable, such measures are not a panacea. For example, stricter penalties may push data centers offshore, to countries with weaker laws. While no perfect solution exists, stricter regulations will send a clear signal to government and private sector employees: if you lose someone else's information due to negligence, you will pay the price.


About

Michael Krigsman is recognized internationally as an analyst, strategy advisor, enterprise advocate, and blogger. For CIOs and IT leadership, he addresses issues such as innovation, business transformation, project-related business objectives and strategy, and vendor planning. For enterprise software vendors and venture-funded star...
