This must contradict dozens of UK laws
Principle 7 of the Data Protection Act:
"Appropriate *technical* and organisational measures shall be taken against unauthorised or unlawful processing of personal data and against accidental loss or destruction of, or damage to, personal data."
Congratulations Dave - every single government department, every bank, every NHS department, every company would commit an offence under your proposed legislation. I'd be first in line to press the charges and serve the lawsuits - I think naming you in a class action would be reasonable. Unless you plan to repeal the Data Protection Act and legislation on patient confidentiality?
And laws aside, what about PCI-DSS Control Objective - Protect Cardholder Data:
3. Protect stored cardholder data
4. Encrypt transmission of cardholder data across open, public networks"
So it would be reasonable for the payment cards industry to allow no credit and debit cards for anyone in Britain, ever again.
That's the first couple of several hundred implications I can think of.