Time to Change the Law on Data Responsibility?
Is it time to change the laws relating to the responsibility of holding personal data?
…… “script kiddies” (those who hack from their bedrooms at night through sheer boredom) should not take the full responsibility for their successful penetration of a corporate system; they’re only caught because they have yet to learn how to “cover their tracks” ……
Responsibility for the personal data being stored MUST lie with the directors, owners and senior management of the companies that are hacked due to their incompetence to secure their systems.
Lauri Love should not be extradited because he found security lacking in some serious American Government systems – shouldn’t he be credited for his skills and their security people should be replaced or re-trained to look at the issues from a different angle?
Should it be the directors of “Talk Talk” (not the Norfolk 16 year old who was “showing off to his friends”) in court as it was the THIRD time the company had been hacked inside two years?
The UK’s Information Commissioner, Elizabeth Denham, recently recommended at a Parliamentary meeting to discuss the draft Digital Economy Bill, that the government should hold company directors with personal liability and accountability for data breaches
Would be interested in your thoughts