Justice minister urges overhaul of gov't data handling

Justice minister urges overhaul of gov't data handling

Summary: Michael Wills has called for the government to handle data transactions as carefully as financial transactions

SHARE:
TOPICS: Security
0

Justice minister Michael Wills has called for a root-and-branch change in how the government handles citizen data.

Wills told the House of Lords Constitution Committee on Wednesday that government should treat data transactions in the same way as financial transactions.

"There is a clear need for radical change in government in how we handle data," said Wills. "We don't handle data in the same way as we handle money, and I think we should."

The minister spoke of the need for 'data minimisation' — that is, only holding as much data as is necessary to provide a service — and following other data-protection principles, such as only providing access to data for the purposes for the data was originally collected.

"I don't think anyone wants to see gigantic databases where anyone can go and search," said Wills. "I think the security implications of that are horrendous."

Government plans for increased data sharing, which the government claims will improve services to citizens, will not be possible if the public doesn't have confidence in government data handling, said Wills.

"There is unease about the spread of data [that] people are holding on you," Wills added. "Clearly this is an issue we are going to look at."

The justice minister's comments were made in light of a number of reports on government data losses published on Wednesday, including a review of the HMRC loss of 25 million child-benefit claimant details by PricewaterhouseCoopers chair Keiron Poynter, and a report into MoD data breaches by Sir Edmund Burton, chair of the Information Assurance Advisory Council.

Read this

Feature

Keep mobile data from going walkabout

Mobile email is no longer the preserve of upper management but providing access to company information on the go has its risks...

Read more

Cabinet secretary Gus O'Donnell also published a review of information security in government on Wednesday.

According to O'Donnell, in response to the raft of public-sector data losses, a series of mandatory security measures are being put in place, including data encryption and compulsory penetration testing by independent contractors. All civil servants dealing with personal data are to undergo annual training, while the government will introduce 'privacy impact assessments' to projects, as recommended by the information commissioner.

"Recent data losses and thefts have underlined the need for urgent action to improve data protection right across government and to bring about a fundamental change in culture among those who are entrusted with the public's personal records," said O'Donnell.

Topic: Security

Tom Espiner

About Tom Espiner

Tom is a technology reporter for ZDNet.com. He covers the security beat, writing about everything from hacking and cybercrime to threats and mitigation. He also focuses on open source and emerging technologies, all the while trying to cut through greenwash.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

0 comments
Log in or register to start the discussion