|
DISCLAIMER: Logging other people's keystrokes or breaking
into other people's computer without their permission can
be considered illegal by the courts of many countries.
The monitoring software reviewed here is ONLY for authorized
system administrators and/or owners of computers.
We assume no liability and are not responsible for any misuse
or damage caused by the keylogging software. The end user of
this software is obliged to obey all applicable local, state,
federal and other laws in his country of residence.
July 04th, 2008
Experts urge criminal charges for data breaches
Francis Aldhouse, who is now an information law and policy consultant for legal firm Bird & Bird, said on Thursday that such penalties were necessary to implement a change in the culture surrounding data-protection adherence. He was speaking at a Westminster eForum event on the "policy challenges of information security" in the wake of numerous public- and private-sector data breaches and losses.
Calling for "limited, focused legislative changes", Aldhouse said he favoured a carrot-and-stick approach. The "carrot", he suggested, could be a "safe harbour for organisations guaranteeing by audit" that they have the right data-protection procedures in place, thus becoming exempt from potential penalties should something go wrong. As for the "stick", he said: "I would like to see a criminal penalty for failing to comply with [the principles enshrined in the Data Protection Act] and for this to apply to individuals, as well as organisations".
"The incentivisation of organisations and individuals is the most important [element] in any new law," Aldhouse said, adding that "loss of custom or political criticism" would also play a part in convincing private and public entities to take data protection seriously.
Aldhouse's comments were echoed by Dr Chris Pounder of law firm Pinsent Masons, who said at the forum that some form of data-breach-notification legislation was needed, but not as a separate entity from the Data Protection Act [DPA], so as to avoid the fragmentation of enforcement.
"[The idea] should be brought within the principles of the DPA… and the information commissioner can enforce it," said Pounder. "We need to increase the risk profile… and possibly [introduce] a criminal offence in relation to major data breaches. Then the culture will change."
The concept of data-breach-notification legislation was also backed by Anna Fielder of the National Consumer Council and Carrie Hartnell of Intellect, the body that represents the UK's technology industry. More cautious notes, however, were sounded by Mike Bradford, head of regulatory affairs for the credit-data firm Experian, and Merlin, Earl of Erroll and a member of the House of Lords.
Bradford warned that notification of data breaches had to be weighed against the economic effects of "scaremongering", while Erroll said he was no longer certain that data-breach-notification legislation was a good idea, because it is difficult to clearly define what constitutes a 'breach'. Erroll gave the example of the lost HMRC child-benefit CDs, as it remains unknown whether anyone ever found the discs, let alone used them for any nefarious purposes.
David Smith, the current deputy information commissioner, also spoke at the event. He said increased penalties for breaches could "change things to some extent, but it's the publicity and negative effect to the reputation of [the organisation that is in breach] that matter".
Source: ZDNet UK
All news for September, 2009
All news for 2009 year
All news for 2008 year
All news for 2007 year
All news for 2006 year
All news for 2005 year
All news for 2004 year
DONATION: www.Anti-Keylogger.Org and www.Keylogger.Org is an independent research projects supported by a team of enthusiasts. If you find this project useful and would like to help foster its continued development, please consider making a donation.  Thanks in advance for your support! |
