MPs demand prison for breaches of the Data Protection Act

MPs have demanded custodial sentences for breaches of the Data Protection Act, stating that the existing policy of fining offenders is an inadequate deterrent.

In a Justice Select Committee report, committee chairman Sir Alan Beith MP argues that such breaches are serious offences, and small financial penalties are an ineffective deterrent.

"Using deception to obtain personal information, or selling it on without permission are serious offences that can cause great harm.

"Fines are used to punish breaches of data protection laws, but they provide little deterrent when the financial gain exceeds the penalty."

The report also warns that some misuses of personal data are not being investigated properly, as the Information Commissioner's Office (ICO) lacks the power to force organisations to undergo information audits.

"The Information Commissioner's lack of inspection power is limiting his ability to identify problems or investigate potential data abuses," says Beith.

"Ministers must examine how to enable the Commissioner to investigate properly without increasing the regulatory burden on business or the public sector."

Speaking exclusively to Computing, Deputy Information Commissioner David Smith explained that these powers are already provided for in the Criminal Justice and Immigration Act of 2008, but the Secretary of State has yet to bring them into force.

"We're saying go ahead and do it, there's a serious problem and we need custodial sentences, there's no need to wait until the Leveson Enquiry."

The Leveson Enquiry is an investigation into the issues raised by the News of the World phone hacking scandal, begun this year. Lord Justice Leveson is the chairman of the enquiry.