A report by the Justice Committee suggests that fines do little to discourage breaches of the Data Protection Act (DPA) because the financial rewards of doing so can be so great. "Using deception to obtain personal information or selling it on without permission are serious offences that cause great harm. Magistrates and judges …
The Justice Committee...
For some reason "the Justice Committee" conjures up a picture of four people wearing masks and their underwear outside their clothes, accompanied by a toothless dog with "ICO" on its collar.
It's got the dried frog pills in a pocket.
To whom does this apply?
"Using deception to obtain personal information or selling it on without permission are serious offences ..."
I'm a little confused about what constitutes "deception" here, and how do you get permission from users who are not knowledgeable enough to even give consent? Oh well, I guess there's some phrase in there that excludes Google and Facebook.
It's easy to obtain consent from anyone... all you need to do is ensure that you have a clear consent statement on any web forms that the data subject submits. If you want to take it a step further, you can use tick boxes and allow the data subject to opt-out; providing that you follow the regulation 22 soft opt-in rules. Or, if you're buying a mailing list, all you need to do is ensure that you buy it from a DMA approved company and not some dodgy website.
Where's the difficulty?
I understand your point. From a legal point of view there is no difficulty. I would, however, suggest that there is another way to look at it as well.
Can you ignore the reality that people will tick tick boxes without knowing what they are agreeing to? Ask some Facebook users what they think the user agreement looks like, or what it might mean to them. I honestly don't think that many people are very cognisant of what they are agreeing to on-line. This is a similar situation to getting consent from children who are under age - they don't understand the ramifications and hence are incapable of giving consent. When it comes to on-line activity,I think many people are co-opted by social pressures into agreeing to documents which they have not read and may in fact be unable to understand. Is that really consent?
Making the punishment more severe is all well and good. However, it seems to be a bit pointless when the most guilty parties never seem to be...guilty.
I'm all for it.
Question is: Will that affect only the government, or will the MPs go to jail as well? How about various law enforcement agencies which are "blagging" most private data all the time, on varying and often dubios legal grounds... The jails might get very crowded very quickly.
A bit overdue...
... but it could "phorm" some good news.
Isn't this covered by other laws?
Fraud? Obtaining benefit by deception?
There's a raft of laws available which could be used to provide a custodial sentence if used so why do we need another law?