Software investigate

Peter Cochrane's Blog: Data protection - Who's sticking to the letter of the law?

Apparently, not central government...
Even government has relaxed its approach to applying the Data Protection Act and is now routinely non-compliant

Even central government has become more relaxed about applying the Data Protection Act and is now routinely non-compliant in its communicationsPhoto: Shutterstock

Written in my office on a mild January day after a short fishing trip and sent to silicon.com via wi-fi the same day.

In 1998 the UK government passed the Data Protection Act. The fundamental purpose was to protect the data of the individual including email address, phone numbers, medical, bank, company and other personal information and records.

A short period of near paralysis followed, as industry and individuals tried their best to comply. But that energy seems to have now dissipated in some sectors.

From the outset, it all looked a bit top-heavy and unworkable with a reliance on paper notifications and records. But even worse, it was the product of minds that understood and lapped up bureaucracy with little understanding of human inclination and technology.

Let's focus on just one aspect here. According to the law as it stands today, we have to gain every individual's consent before we can included them in any mailing of two or more people where each recipient can see the details of all others on the same list.

The alternative of course is to us bcc, or blind carbon copy, instead of cc, or carbon copy. Snag is that only old-ish people know what cc and bcc mean, or indeed what carbon paper was.

Perhaps the key question is: what has the world of the typewriter and paper got to do with the world of IT, email, SMS, IM and social networking? As far as I can see: nothing.

So, this morning I'm sitting in front of my laptop and I've just received an email from a central government office addressed to 36 people - none of whom I know. I can see every email address, and they can all see mine. What fun - even government has relaxed and is now routinely non-compliant.

I don't have the space here to expand on all the avenues and opportunities for violating this law but personal web pages, social networking, SMS, IM, mobile phones et al promote even more indiscretions.

And before anyone cites medical records, insurance details, and car registration data as being protected and secure, I have to tell you that they mostly do not comply with the law as it is written.

Thankfully, my bank details and other data that I wish to keep private and secure seems appears to be managed well and does follow the letter of this law - I think.

About

Peter Cochrane is an engineer, scientist, entrepreneur, futurist and consultant. He is the former CTO and head of research at BT, with a career in telecoms and IT spanning more than 40 years.

0 comments