On 24th October 2010, BBC News (Technology) reported:
“Britain’s privacy watchdog is to look again at what personal information internet giant Google gathered from private wi-fi networks”
The BBC report notes that, earlier this year, the Information Commissioners Office (ICO) investigated a sample of data collected by Google from private WiFi networks during its ‘Street View’ project. At the time, the ICO concluded that “it was unlikely that Google will have captured significant amounts of personal data” and that there was “no evidence as yet that the data captured by Google has caused or could cause any individual detriment”. However, the ICO will now be reopening its investigation after Google admitted, through their official blog, that sensitive information (including passwords) had in fact been collected. The ICO have also issued a new statement reiterating their continued liaison with international counterparts. Based on their findings, the ICO will “be making enquires to see whether this information relates to the data inadvertently captured in the UK, before deciding on the necessary course of action, including a consideration of the need to use our enforcement powers.”
Also in the news recently was Iain Martin’s ‘Citywire’ story on the loss of laptops, Blackberries and USB memory sticks over the last 3 years by the Financial Services Authority (FSA). It appears that all of the laptops and USB devices were encrypted and the Blackberries were password-protected. Nevertheless, the fact that the loss was sustained by the very authority that has been handing out fines to financial institutions for data security lapses, whilst issuing regulatory guidance in a bid to get tough on data security throughout the industry, ensured that the media took a keen interest in these events.
These two episodes are just the latest examples in what appears to be a never-ending stream of reports on data security breaches and asset losses within the UK and overseas. In an earlier news article, Regency covered ‘The Cost of Data Leakage’ and the possibility of large fines being issued by the ICO. We have now followed this up with a paper on the ‘Privacy Impact Assessment’, describing how Regency can help your organisation remain compliant with the Data Protection Act and stay clear of any ICO investigations.