Senior executives could end up in jail if they misuse personal data under a government crackdown announced this week.
The move will punish people selling or obtaining personal information illegally, with proposed penalties of up to two years’ in prison.
The Department for Constitutional Affairs endorsed the Information Commissioner’s Office recommendations, in announcing its intention to add jail terms to the sentencing regime under the 1998 Data Protection Act, together with unlimited fines.
The aim is to clean up the illegal trade in people’s personal information such as addresses, bank details, health records, criminal records and details of car ownership.
Caroline Egan, a consultant in the commercial services practice at law firm Hammonds, said: “Data-sharing, particularly in the public sector, is increasing all the time. To retain public confidence, penalties for deliberate misuse need to be increased.”
Businesses thought to be most at risk of falling foul of the higher penalties include insurance companies, lenders and creditors, and local authorities who use enquiry agents to obtain this sort of information, as well as the agents themselves and journalists.
“This proposal is just one part of coming down heavily on those businesses that have made no real effort to comply with the Act,” Egan said.
New York, new danger
In the US, a laptop computer containing personal information on 540,000 New York state employees has been found, after going missing in May.
The laptop disappeared from the offices of a data management company being used by the New York Special Funds Conservation Committee, which deals with compensation payouts to employees.
It is still unclear as to whether the laptop was stolen or simply lost by the CS Stars data management company.
CS Stars had already written to all employees whose personal details were contained on the laptop, which included their social security numbers. It offered them free credit checks with credit agencies and free identity theft insurance, to counter any threat posed by the theft.
The FBI, which was brought in to investigate the disappearance of the computer, believes the data on it has not been used for any criminal activity. It has not been disclosed where the missing laptop was eventually found.