By Max Clarke

Privacy laws are failing to keep pace with the increase in collection and storage of private data, offering UK citizens poor protection from privacy breaches.

These are the findings of a new report carried out by the Equalities and Human Rights Commission (EHRC) on privacy online security.

The report shows that the way government and its agencies collect, use and store personal data is deeply flawed. They may be unaware that they are breaking the law as the complexity of the legal framework means their obligations are unclear.

“It’s important that the government and its agencies have the information they need about us to do their job, for example to fight crime, or protect our health,” said Geraldine Van Bueren, a Commissioner for the Equality and Human Rights Commission. “However, the state is holding increasing amounts of information about our lives without us knowing, being able to check that it’s accurate or being able to challenge this effectively.

“This needs to change so that any need for personal information has to be clearly justified by the organisation that wants it. The law and regulatory framework needs to be simplified and in the meantime public authorities need to check what data they have and that it complies with the existing laws.”

Breaches of privacy, argue the EHRC, are likely to get worse in the future as demand for personal information increases and as new technology is developed for collecting, storing and sharing that data that are not covered by existing legislation or regulations. Piecemeal reform of relevant laws, such as the proposals in the Protection of Freedoms Bill, although welcome, may not be sufficient to ensure people’s rights are protected.

Multiple breaches of personal data privacy — including the amount of information and how it is collected, loss of data, data being passed between agencies without permission and the use of surveillance — underline the pressing need for the state and others to reform how information about people is collected, used and stored.

One example of a breach of information privacy came to light in November 2007 when the Government revealed that HM Revenue and Customs had lost a computer disc containing the child benefit records of more than 25 million people. Less than a month later, the Government then disclosed that a computer hard drive had also gone missing in the United States, this time with the personal details of some three million UK learner drivers.

Join us on
Follow @freshbusiness