Data Protection – update and developments

The UK's new Information Commissioner, Christopher Graham, takes up his post on 29 June, succeeding Richard Thomas in the role. 

Richard Thomas served for 7 years and oversaw the development and enforcement of data protection at a key time in the UK, as the Data Protection Act 1998 bedded down.  One of the primary achievements of Mr Thomas's tenure was to bring data protection to much greater public prominence – a task in which he was undoubtedly helped by a raft of high profile data losses in recent years. 

Mr Graham will face similar challenges in the coming years, a point illustrated by the latest example of poor data protection standards.  As reported on the BBC website today (19 June), Parcelforce's website, which allows parcels to be tracked to their final destination, appears to have breached data security requirements (including the seventh data protection principle, which requires data to be kept secure).  According to the BBC "A failure in the system allowed people using the mail tracing service access to the name, postcode and signature of various addressees. " 

This follows a number of other breaches of data security in recent months, in public and private sector organisations.  The importance of data security – for organsations and for individuals – was again highlighted by Mr Thomas in one of his last newspaper publications (the Mail on Sunday, 13 June 2009) before he stood down.  There can be little doubt that Mr Graham's tenure will be challenging and busy…