Print
Discuss
Send to friend
RSS feedsMarks and Spencer has announced that a laptop containing 26,000 staff member details was stolen last year, prompting the UK data protection watchdog, the Information Commissioner's Office (ICO), to take action against the firm.
“We have issued Marks and Spencer with an Enforcement Notice. They have to encrypt all of their laptops containing personal data by April 2008. If they proceed not to do so, they will be prosecuted,” said an ICO spokeswoman.
The spokewoman went on to say, “We want companies to take data protection seriously, and it is good to see that companies are more frequently stepping forward to make sure they are securely protecting their data,”
“In regards to the Marks and Spencer case, it has brought light to the issue of data protection.”
The ICO has once again called for more enforcement and investigation powers, following this, and other recent incidents. Other recent data losses include the loss of a MoD Royal Navy laptop, containing the personal details of 600,000 people. It was then admitted that two other laptops had also gone missing in December 2000 and October 2006.
The HMRC also lost 25m child benefit-recipients data as well as the personal details of 6,500 pensioners in Cardiff.
The Ministry of Justice has also had a recent data breach, losing four CDs containing the personal information of alleged victims and witnesses.
However, according to experts, some firms are wary of putting too much control on their data, with many admitting that they are wary of too much encryption.
Geoffrey Finlay, chief executive at nCipher, said in a statement, “Companies fear encryption may open Pandora’s box.” But warned firms that the alternative is much worse. However, he added, “With a well planned deployment, supported by strong key management and access controls it is not a difficult barrier to overcome.”
See also:
An alarming number of data loss incidents continue to make news, despite the fact that multiple tools exist to address the problem 28 Jan 2008
The data protection watchdog has served Carphone Warehouse and Talk Talk with enforcement notices 17 Jan 2008
High profile incidents such as that at HMRC have lead to calls for stronger data legislation 03 Jan 2008
New security measures for handling data unveiled in the House of Commons 19 Dec 2007
Firms should learn from the HMRC fiasco and ensure sensitive data is encrypted both at rest and in transit. 11 Dec 2007All Privacy & Data
del.icio.us
Digg this
reddit!
