tfpl blog

Data protection and information governance are key topics of conversation at the moment.  Indeed Data Protection and Data Privacy day was marked across the United States and Europe on 28^th Jan.  Key areas of discussion and concern were the wealth of personal data and information that is now out in cyberspace due to the popular use of social networking sites.  Whilst information sharing is all well and good it seems that people are so enthusiastic about the opportunities that they are neglecting the consequences providing some information can pose.  Dan Raywood in his article in http://tinyurl.com/y95tkhg highlights the problem for employers when the Ministry of Defence revealed that there had been 16 information leaks in the last 18 months via social networking sites.  I think that the utopia of free information sharing encouraged by the early users of the internet is a fantastic philosophy however, I do think that people now need to use this with a sense of caution too as there are, unfortunately unscrupulous people out there who are all too happy to use this to their own advantage and others detriment.

Another key discussion point was the new powers given to the Information Commissioners Office (ICO).   Under new laws that are due to come into force on 6^th April 2010 the ICO could hand out penalties of up to £500K for those companies that are found breaching data protection laws.  This I really don’t find surprising after seeing reports from the ICO that there have been over 800 data breaches in the last 2 years alone.  There have been numerous examples in the news in the recent past of laptops of data being lost on public transport etc.  This is a glaringly obvious example of breach of data protection, but is data protection law easy to follow, how is it affected by Freedom of Information?  Do you know what data/information can be released or not?  It seems to me that the law is never an easy thing to follow and there are some intricate complexities particularly involved in Data Protection.  This is further complicated by new technologies such as social media making it easier than never before to communicate and pass on information.  The ICO states “that staff should be adequately trained and organisations should give proper consideration to restricting staff from downloading large volumes of data on to memory sticks and other portable devices”.   They encourage companies to report data breaches and act responsibly.  Whilst these companies may face regulatory action it wont be as severe as if breaches are covered up and subsequently discovered.  Reference from News E Week Europe http://tinyurl.com/y9svlpu

I think that all of us should be a little more aware and conscientious about the information we are posting and passing on to others in order to protect not only other people but ourselves as well.  In addition making yourself more aware of the law and your own responsibilities under it in the workplace is of great importance given recent reports and events.