IT bosses liable over ASP data

UK IT directors could be prosecuted if European data protection rules are breached by their application service provider (ASP),...

UK IT directors could be prosecuted if European data protection rules are breached by their application service provider (ASP), the Application Industry Consortium (Aspic) has warned.

Nick Huber

Directors of firms that outsource IT services could be left to face the music if their ASP breaches data protection rules deriving from the European Commission's data directive, Aspic warned.

A report for Aspic raised concerns over the different data protection requirements among EU countries under the 1995 directive. This could make compliance with the laws difficult for companies.

Aspic called on the EC to review its data protection laws to keep pace with cross-border e-business.

"If a company operates across Europe it has different obligations in different countries," said Jeff Maynard, European chairman of Aspic. "If you have a router or a server in Luxembourg you are required to have processes audited annually by the local data protection commissioner. In theory, if anyone does not comply the directors of the client company could go to jail."

UK data protection officials confirmed that companies with European branches may have to comply with different requirements under the data protection directive. But they stressed that the location of equipment was not an overriding factor and was unlikely to require a UK company using an ASP to comply with foreign laws.

nick.huber@rbi.co.uk

This was last published in March 2001

Read more on Business applications

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.

-ADS BY GOOGLE

SearchCIO

SearchSecurity

SearchNetworking

SearchDataCenter

SearchDataManagement

Close