ICO Statement on the UK DNA Database

May 27, 2008 — 585

In September 2007 the ICO made the following statement about the UK DNA database:

“Society needs to take a very long and very hard look at this issue before a universal database of everyone’s DNA is considered. I welcome a debate on the future of the database especially as there is unfairness with the current system and the issue has received little public debate to date. However, to extend the database further has serious implications for people’s privacy in this country.

There are significant risks associated with creating a universal database: it would be highly intrusive, and the more information collected about us, the greater the risk of false matches and other mistakes. The potential for technical and human error leading to serious consequences cannot be under estimated.

There are also significant practicalities to address, such as keeping track of people, and keeping the records up to date and accurate. A proper public debate is needed about whose DNA should be held, for how long and with what safeguards. The Data Protection Act provides the framework for protecting people’s personal information and balancing the need to prevent and detect crime. The ICO will engage constructively in the debate and expects to be fully involved in the consideration of any firm proposals that the government develops.

Despite the ICO’s concerns about the DNA database and a call for a public debate, the UK government continues to push ahead with the plans to share DNA data, in a “genetics, database”.

Posts on this subject are available below

Data Sharing Continues

Data Exchange Across the EU

The full statement from the ICO can be downloaded here – ico-statment-about-dna

Posted in DNA. Tags: , . No Comments »

ICO aims to stop trade in Personal Information

May 27, 2008 — 585

The Information Commissioner is determined to stop the illegal trade in personal information.

He has attached great weight to clause 76 – increasing the penalties for the existing criminal offence immediately – and would of course prefer to see it remain in the Bill. But he recognises that the first New Clause will still allow the Secretary of State to increase the penalties for the data protection offences of disclosing, obtaining or procuring information without consent. Section 55 of the Data Protection Act 1998 means that this has been a criminal offence for many years, but has only attracted derisory penalties. The Commissioner’s 2006 report “What Price Privacy?” exposed a hidden, pernicious and extensive trade in personal information which damages individuals, the organisations from which data is obtained and society at large. Personal data at risk includes financial, medical, and police records. The New Clause sends a strong signal that this conduct is unacceptable. The Commissioner hopes that this will act as a real deterrent to any sectors still contemplating illegal access to personal data. He will press hard for immediate implementation if the practices persist.

Full text here

Posted in Data Loss, UK Law. Tags: , . No Comments »

ICO Survey on 'data loss' confidence

May 27, 2008 — 585

The Information Commissioners Office conducted a survey of across all age groups, genders, and regions within the UK.

Overall just 9% of people had total confidence in the banks and governments to store their data, with a net result of 53% who were not confident, and 16% not confident at all.

Also interestingly 72% of people said that they felt “powerless” about how their stated is stored.

The full ICO report is available here – ICO Survey Feb 2008

How confident are you with the way organization, such as banks, councils and the government, look after your personal details?

Posted in Data Loss. Tags: , . No Comments »

More companies admit data loss

May 27, 2008 — 585

Several firms have admitted security failings in the wake of the loss of two discs containing 25 million people’s details, MPs have been told.

Information Commissioner Richard Thomas told the Commons justice committee that public and private sector bodies had come forward “on a confessional basis”.

Full story on the BBC

Posted in Data Loss. Tags: . No Comments »

37 million records lost in the UK in 2007

May 27, 2008 — 585

A record 37 million items of personal data went missing last year, new research reveals.

Most of the data was lost by government officials but councils, NHS trusts, banks, insurance companies and chain stores also mislaid or published personal information about staff or members of the public.

Full article on the Daily Telegraph

Posted in Data Loss. Tags: . No Comments »

NHS lose millions of records

May 27, 2008 — 585

Nine NHS trusts in England have admitted losing patient records in a fresh case of wholesale data loss by government services, it has emerged.

Hundreds of thousands of adults and children are thought to be affected by the breaches, which emerged as part of a government-wide data security review.

The Department of Health says patients have been told and there is no evidence data has fallen into the wrong hands

Full story on the BBC

Posted in Data Loss. Tags: . No Comments »

HMRC loses 25 million records

May 27, 2008 — 585

Two computer discs holding the personal details of all families in the UK with a child under 16 have gone missing.

The Child Benefit data on them includes name, address, date of birth, National Insurance number and, where relevant, bank details of 25 million people.

Chancellor Alistair Darling said there was no evidence the data had gone to criminals – but urged people to monitor bank accounts “for unusual activity”.

The Conservatives described the incident as a “catastrophic” failure.

Full story on the BBC

Posted in Data Loss. Tags: . No Comments »

Chile has 6 million records "lost"

May 27, 2008 — 585

A computer hacker in Chile has published confidential records of six million people, it has been revealed.

The information was obtained by hacking into government and military servers, and was posted on a technology blog, reports the El Mercurio newspaper.

The personal data inlcuded names, street and email addresses, telephone numbers and social and educational background.

The hacker left a message saying the aim was to demonstrate the poor level of data protection in Chile, says the newspaper which uncovered the story.

Full story here -in the  Telegraph

Posted in Data Loss. Tags: . No Comments »

Burnley Council uses RIPA

May 27, 2008 — 585

Burnely Council has become the latest council to be found misusing their surveillance powers, they have been found to be using “RIPA powers” for the investigation of a variety of offences, including dog fouling. This means that they were using covert survelliance of the local population to detect dog fouling.

While nobody likes dog fouling, is it proportional to hire low paid goons, with little to no qualifications, to monitor individuals as they go about their delay business, with the possibility of catching one or two dog walkers allowing their dogs to foul?

RIPA, the law which allows the councils to conduct this spying, was bought in at the beginning of the decade, and was designed to help combat terrorism. Burnley council have been very supportive of the legislation relating to terrorism and stated:

“Burnley Borough Council welcomes this opportunity and fully supports effective moves to strengthen legislation and policing approaches to counter the threat of terrorism.

We feel that there is an important, separate, complementary role for local councils in cooperating with the Police and the community on action to prevent violent extremism through a range of activities and community leadership. The Council is committed to seeking ways to improve this through its work as a Preventing Violent Extremism Pathfinder authority.”

Their response to the terrorism laws can be seen in full here, and the letter they wrote to the home office is available here

Now that we know Burnley are happy to use these more extreme powers for their own petty purposes and empire building, we have to ask if the were  keen for the anti-terror purposes for the greater good, or just to allow them to collect more and more information about their electorate?

Nick Aves, Burnley Council’s resources director, said it was “quite rare” for the powers to be used in this way; but he did not say it would not be used again in this way.

Posted in RIPA. Tags: , . No Comments »

Data sharing of DNA and Fingerprints within EU continues

May 27, 2008 — 585

The UK goverment is pushing forward with plans to share data, with the EU, under what is known as the Prum Convention.

The plans include sharing DNA, Fingerprints, and Vehicle data. Hansard, which reports on the goverment debates and speeches refers to it as “Genetics: Database”.

On 22nd April 2008 David Davies, the shadow home secretary, asked for an update from Jacqui Smith (the Home Secretary) on the state of this process.

Jacqui Smith stated:

The EU Council Decision on the stepping up of cross-border co-operation (also know as the Pr?1/4m Council Decision) provides improved arrangements for the sharing of fingerprint, DNA and vehicle registration data by law enforcement authorities. For example, where a DNA sample retrieved from a crime scene is searched against a national database and no match is found, the Council Decision permits for that data to be transmitted and searched through member states’ national databases. A notification is sent to the requesting member state notifying of a hit or no hit i.e. matching profile. If a match is identified, further requests for information are processed through existing secure police channels allowing for appropriate data protection safeguards.

The UK expects to begin sharing data in this way within three years of adoption and publication of the legal text

The original Hansard Article can be found here


Posted in DNA, UK Law. Tags: , . No Comments »
« Older posts
Newer posts »