House of Commons (UK) Report: Cyber Security: Protection of Personal Data Online
Your attention is drawn to a report of the House of Commons Culture, Media and Sport Committee in the United Kingdom addressing Cyber Security: Protection of Personal Data Online.
This can be accessed at the following link: http://www.publications.parliament.uk/pa/cm201617/cmselect/cmcumeds/148/148.pdf
This report, published on the 20th June 2016 uses as a focus the TalkTalk cyber-attack and responses to the cyber-attack which were considered by the Committee. However, its considerations are far wider and the recommendations made in the Conclusion and Recommendations are far-reaching.
What the conclusions and recommendations emphasise is the Information Commissioner's Office should take a far more rigorous approach to the protection of personal data. It indicates that there needs to be a "step change" in consumer awareness of online and telephone scams and discusses how this might be achieved. It also addresses the importance of someone (in the context of South Africa the Information Officer) taking full day to day responsibilities for cyber security. Allied to this it recommends that to ensure that cybersecurity receives sufficient CEO attention a portion of a CEO's compensation should be linked to effective cybersecurity.
With regard to sanctions, several recommendations are made to increase penalties and strengthen the hand of the Information Commissioner's Office in dealing with delinquent processors of information. This is largely in line with the stricter approach which is evident in the GDRP.
Coinciding closely with the publication of the report is the commencement of the new Information Commissioner in the UK, Elizabeth Denham, on the 18th July 2016. It will be interesting to follow her approach, and certainly those persons appointed to the Information Regulator's Office in South Africa would be wise to consider the example that she will set. Elizabeth Denham is a hardliner on privacy and in view of the strengthening stance to privacy globally, it is likely that she will take the recommendations referred to above to heart in seeking to protect the personal information of UK citizens.