Two London Law Firms are being fined £815 each by the Information Commissioner because they failed to register with the Information Commissioner Office and pay the yearly fees despite repeated reminders. All organizations that process or merely deal with personal data must notify the Information Commissioner under the Data Protection Act.
Actually, it is easy to register and it only costs an annual £35 for the whole firm. But I understand why some professions would rather not register and risk disclosing information and links. This is mainly done as a protection of the client’s interest especially under the lawyer-client communication. And I speculate that later on it will serve as safeguard against a person or lawyer’s right against self-incrimination.
Even if I assume the most positive, that the law only demands registration of the user’s own personal data without any submission of the protected data handled, it still puts people at risk. By registering, the government is granted access and entry for investigations in the guise of regulatory powers. True, at the outset it looks harmless enough as a protection of privacy of any individual against abuses of the users of his data. But who protects the individual from the government?
It is like in tax evasion investigations here wherein the government can lawfully audit a company not only through its own books or accounts, but it can also trace and audit through the suppliers, buyers and other people they deal with, such as lawyers. The links that are declared could very well give prosecutors the vital information as evidence to prosecute either the clients or those people or companies who and which are traceable to the client. It would be in violation of privacy and law.
SOURCE: http://www.theregister.co.uk/2008/02/22/lawyers_fined_4_data_breach/
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment