Firms must consider privacy before installing new IT, says Information Commissioner

Organisations must consider the impact on individuals' privacy before developing new IT systems or changing the way they handle personal information, the Information Commissioner's Office (ICO) has demanded.

At a conference on the "surveillance society" in Manchester, the ICO said the breach at HM Revenue and Customs was a watershed and has called for organisations to implement new safeguards to help protect individuals' privacy.

The UK's first privacy impact assessment handbook has been launched by the ICO, to help organisations address the risks to personal privacy before implementing new initiatives and technologies.

By carrying out a privacy impact assessment organisations will also increase public confidence in data collection, said the ICO.

David Smith, deputy commissioner at the ICO, said, "Very often the collection and use of personal information is essential and beneficial to modern life, but many people do not realise that data collection is at the heart of surveillance.

"Each time someone gives away their personal information they leave electronic footprints which build up a picture of every aspect of their daily lives."

Smith said, "It is essential that before introducing new systems and technologies, which could accelerate the growth of a surveillance society, full consideration is given to the impact on individuals and that safeguards are in place to minimise intrusion.

"Privacy impact assessments are a common sense approach to help organisations develop privacy friendly ways of working."