Our website uses cookies

Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing Infosecurity Magazine, you agree to our use of cookies.

Okay, I understand Learn more

Conservatives unveil plans to reduce the surveillance state

The publication of the policy paper by Shadow Justice Secretary, Dominic Grieve, has drawn the expected criticism from the Labour Government, but most industry experts are standing behind the Conservative's plans to reduce the surveillance state, should they get into power at the next election.

According to the Conservatives, in response to an ever increasing intrusive government which relies on "expensive databases and the reduction of civil liberties", it has set out its agenda for fewer central databases and stronger duties on government to keep the private information it gathers safe and to reduce the surveillance state.

In the 11-point plan - entitled Reversing the Rise of the Database State - the measures for reducing the surveillance state include:

  • Scrapping the National Identity Register and ContactPoint database.
  • Establishing clear principles for the use and retention of DNA on the National DNA Database, including ending the permanent or prolonged retention of innocent people's DNA.
  • Restricting and restraining local council access to personal communications data.
  • Reviewing protection of personal privacy from the surveillance state as part of a British Bill of Rights.
  • Strengthening the audit powers and independence of the Information Commissioner.
  • Requiring Privacy Impact Assessments on any proposals for new legislation or other measures that involve data collection or sharing at the earliest opportunity.
  • Require government to consult the Information Commissioner on the PIA and publish his findings.
  • Immediately submitting the Home Office's plans for the retention of, and access to, communications data to the Information Commissioner for pre-legislative scrutiny.
  • Requiring new powers of data-sharing to be introduced into law by primary legislation, not by order.
  • Appointing a Minister and senior civil servant (at Director General level) in each government ministry with responsibility for departmental operational data security.
  • Tasking the Information Commissioner to publish guidelines on best practice in data security in the public sector.
  • Tasking the Information Commissioner to carry out a consultation with the private sector, with a view to establishing guidance on data security, including examining the viability of introducing an industry-wide kite mark system of best practice.

Speaking at the launch of the policy paper, Shadow Justice Secretary Dominic Grieve said the government's approach to the Conservative's personal privacy is the worst of all worlds: intrusive, ineffective and enormously expensive.

"We cannot run government robotically. We cannot protect the public through automated systems. And we cannot eliminate the need for human judgement calls on risk, whether to children, or from criminal and terrorist threats."

"As we have seen time and time again, over-reliance on the database state is a poor substitute for the human judgement and care essential to the delivery of frontline public services. Labours surveillance state has exposed the public to greater - not less - risk."

According to PGP Corporation, the encryption specialist, under the Conservative's plans, the Information Commissioner's Office would receive stronger powers to penalise organisations that lose data, and would also be tasked with establishing guidelines on best practice data security.

Jamie Cowper, Director of EMEA Marketing PGP, said that it is interesting that the Tories want to give the Information Commissioner greater powers to punish organisations which flout data protection legislation, but the proposed best practice guidelines will be equally important if organisations are to prevent the data breaches of tomorrow.

"While some sectors, such as the financial sector, have been relatively quick to self-regulate and develop guidelines on how to keep data safe, in other sectors such procedures have been sorely lacking."

"And with 70% of UK organisations having admitted to a data loss incident in the last year**, it's clear that much more has to be done to secure the nation's data."

According to Cowper, all the measures designed to protect the public's data - such as those proposed by the Dominic Grieve - should be welcomed.

"But the security of our personal information must be considered a basic human right, not just be the remit of one individual party."

"We'd like to see genuine cross-bench initiatives to establish clear data security procedures for both private and public sector organisations and to dramatically reduce the incidence of severe data breaches."

What’s Hot on Infosecurity Magazine?