In sensational fashion, the conversation about data breaches got kicked up a notch this week as reports detailing the News of the World phone hacking scandal continued to emerge.
It's not the type of breach you typically read about in this or other IAPP newsletters, but in recent days it has served to reopen a dialogue about penalties for data protection offenses, and it may propel the UK government to institute custodial sentences for serious infringements of its Data Protection Act.
Back in 2006, then UK Information Commissioner Richard Thomas issued reports detailing the nature and extent of the illegal trade in personal data, and he called for jail sentences in order to deter potential offenders. This week, Prime Minister David Cameron admitted that those reports were not given their due. The government will revisit them during a Judicial Inquiry scheduled as a result of the hacking scandal.
In a story for the IAPP Europe Data Protection Digest, a London attorney said, "The introduction of jail sentences is now inevitable."
Adding jail time to the quiver of penalties data protection authorities have for sentencing offenders could certainly add some teeth to data protection legislation. No doubt DPAs around the world are watching to see what will happen in the UK.
J. Trevor Hughes, CIPP
President & CEO, IAPP