The Conservative Party will make it an offence for a Crown servant or a government contractor to lose personal data.
The reckless handling of personal data offence was part of a wide-ranging package of measures to combat cyber crime unveiled today by Shadow Home Secretary David Davis.
Davis's proposals follow recent revelations of the loss of hundreds of government laptop computers and memory devices that exposed tens of millions of voters to identity theft and fraud.
Speaking at an e-crime conference in London, Davis spelled out measures that largely incorporate the recommendations and comments on personal internet safety made last August by the House of Lords select committee on science and technology, and rejected by government.
The Conservative Party would, among other things:
• Create a specialist Home Office minister to co-ordinate policy on cyber security, cyber crime prevention and international co-ordination
• Set up a new police national cyber crime unit
• Set up a specialist cyber crime unit in the Crown Prosecution service
• Set up a fraud and cyber crime complaint centre
• Change the way police report cyber crime
• Ratify the Cybercrime Convention
Davis said the Tories would also set up a framework to promote closer links between the public and private sector to set standards and reduce risks.
He said the party would review the law and criminalise the hiring of botnets for cyber attacks. Anyone who held personal data would have to report suspected data breaches to the police and the Information Commissioner's Office. If required by the ICO, they would have to tell those whose data might have been compromised by the breach.
Davis said the Conservatives would "reform the 'mere conduit' defence" for internet service providers under the E-Commerce Directive, saying it was "unsustainable" in its current form.
ISPs already have to take down sites that spread copyrighted material. Under the Tories' proposals, this duty would expand to include hate, racist, and unacceptable sexual and violent material. "To promote strong social cohesion and to ensure greater public protection, it is essential that firm action is taken by ISPs, the police and other law enforcement agencies," Davis said.
Davis said there was a "shared social responsibility" to act against file-sharing hosts and people who set up fraudulent websites or who used e-mail accounts to attack or spam others. He said they would review penalties against ISPs who did not act quickly enough to stop abuses after being informed.