I’ve grown up reading Tom Clancy and probably most of you have at least seen Red October, so this book caught my eye when browsing used books for a recent trip. It’s a fairly human look at what’s involved in sailing on a Trident missile submarine…
The New Information Commissioner for the United Kingdom is Mr. Christopher Graham, he’s working from Wilmslow, near Manchester, with a team of hundreds to bring responsibility back to private companies’ [mis]management of customer data – and he already took on T-Mobile for a customer sell off by employees debacle that, which of course, they tried to conceal. He’s out to enforce Parliament’s Data Protection Act, and he’s sending out warrants and private investigators as he goes! Bravo, the Database Cops are coming and they are armed with the DPAJ – too bad QC couldn’t follow along and enforce Bill C-198 amongst government institutions.
Hats off to the UK government’s efforts to protect data the way it should be and reinforce data stewardship, for more details please see: http://www.computerweekly.com/Articles/2009/11/27/239490/ICO-publishes-guide-to-quash-business-ignorance-on-data.htm
Here’s an excerpt from the BBC article, which states that T-Mobile’s employees were simply: ‘Exploiting data’
The Ministry of Justice has been consulting on tougher penalties for illegal trade in personal information.
The Data Protection Act bans the selling on of data without prior permission from the customer and a fine of £5,000 can be imposed following a successful prosecution.”
It is truly amazing to see such a brave man publically speaking out against things that simply have to be stopped – data protection must be taken more seriously by the business community, as well as government bodies themselves. Environments, for instance, that do not adhere to Auditing Compliance, the principle of least privileges or the Segregation of duties are a clear target for the Information Commissioner to start, and I have let Christopher know personally 🙂
Please note that I am in transition to a permanent job currently with Canadian media giant Transcontinental, and am training on Oracle 11g, Release 2, thus I shall resume more frequent blogging in the New Year. Final French version of the DRP for SQL Server was submitted last week to Simple Talk also.
For further reading: Security Breaches by Sector and How Data was Disclosed courtesy of the Information Commissioner’s Office.