| Recognising that it would be impractical to seek to hold back advances in information technology, the meeting called for the Government to establish a straightforward and readily enforceable regime that promptly penalised inadequate data protection or misuse. Such a regime should ensure that all government agencies and commercial organisations requiring clients to reveal private personal data should be deterred from allowing it to be used for purposes not originally agreed or failing to safeguard it from falling into unauthorised hands.
Given the importance of the finance sector to our economy, the Isle of Man ought to be setting standards in data handling and protection that would be a beacon for others to follow.
Based on the principle of 'Make the Loser Pay', PAG called for a Misuse of Data Act, covering governmental and commercial bodies and providing for a minimum of £25,000 compensation to anyone who could demonstrate that their data had been lost, held insecurely, or used for any purpose outside the scope of the original authority.
The existence of such a penalty would force organisations to totally re-address the way personal data was stored, and would re-establish the principle of the sovereignty of the individual in determining the use and protection of their personal data.
|
