

The UK today is a ‘surveillance society’ and better regulation is needed to protect people’s privacy, argued ex information commissioner Richard Thomas CBE at an address to the this week. But is this the answer?
If the recent WikiLeaks scandal proved anything it’s that privacy – in the traditional sense of the word – no longer exists.
The concept of anonymity has been turned on its head over the last decade, explained Thomas, not because of any failure to control privacy, but because the idea of privacy itself has changed. The old controls are no longer able to contain or to manage the ways in which we share information.
In the past the UK has had a culture of sloppy data protection and management (the HMRC lost CD-ROMs incident being a prime example), but Thomas said he was optimistic that the next generation and data controllers will be better educated in understanding risk.
Over the coming weeks Thomas will be working with the Centre for Information Policy Leadership to put together proposals for new regulations that – if accepted by the government – could be in place in two to three years’ time.
One of the aspects in need of reform is excessive reliance on burdensome ‘notice and consent’ notifications, he argued. "My heart shudders at the possibility of notification issues written by the European Commission," said Thomas, who also criticised the EC’s "unrealistic" approach to international transfers.
There is now a critical need not to prevent access to information – which is impossible to enforce in today’s society – but to make individuals, organisations and governments accountable, he said.
To this end, Thomas spoke of a "binding global code [BGC] framework built on an explicit foundation of accountability," and said organisations should accept responsibility for fulfilment of the BGC.
The legal approach to accountability can work, but accountability must also depend upon mathematics and cultural change - not just who has the best lawyers.
During his lecture, Thomas showed a video clip from the International Conference of Data Protection and Privacy Commissioners that took place in Israel in October, which outlines the privacy risks facing individuals today.
With the growing use of monitoring tools and behavioural targeting also coming under increasing scrutiny, there are increasing concerns about individual privacy. At a time when the issue of privacy has become more sensitive than ever, should the onus be on better regulation? Or do businesses need to be more proactive?
What will be in store for business and the issue of privacy in 2011?
Richard Thomas CBE is a global strategy adviser for legal firm Hunton & Williams. He spoke at the Institute of Chartered Accountants’ event, ‘Private lives in a database world’ on 6 December 2010 in London.
Replies (0)
Please login or register to join the discussion.
There are currently no replies, be the first to post a reply.