Speaking seven months after his appointment to as head of the Information watchdog, Thomas said he aimed to introduce rapid changes to data protection policies and procedures that would make it easier for businesses to comply.
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
“I have heard a lot of negative comment about the complexity of data protection and, unfortunately, this is getting in the way of ensuring that real data protection is achieved in practice,” he said.
Thomas has asked organisations and individuals to come forward with ideas for simplifying data protection before a full formal consultation in the autumn.
Although the commissioner is unable to make any changes to the EU data protection directive and the 1998 Data Protection Act, he said that a lot could be achieved by making changes to secondary legislation.
“I believe that we are likely to find many detailed changes of approach which will add up to fewer burdens on business and better protection for ordinary people. This will be a win-win for all concerned,” he said.
Thomas has already claimed credit for simplifying a controversial code on monitoring staff in the workplace, after early drafts drew heated opposition from both trade unions and employers.
Thomas said data protection and freedom of information were not only important safeguards in society but also fundamental to good business practice.
“Which business wants to hold information about their customers or staff that is inaccurate, out of date or insecure? Which public body wants to generate suspicion and distrust through unnecessary secrecy?”
Thomas said his overall aim was to weave data protection and freedom of information into the fabric of society so that “both are seen as natural, beneficial and essential".
Although Thomas said he would use legal sanctions if necessary, it would be a sign of failure if legal action became the norm to force organisations to comply with data protection regulations.
Send your comments to Make.DP.email@example.com