Britain takes step to protect personal data in digital era

An aerial image of the Government Communications Headquarters (GCHQ) in Cheltenham, Gloucestershire. GCHQ is one of the three UK Intelligence Agencies and forms a crucial part of the UK’s National Intelligence and Security machinery. The National Security Strategy sets out the challenges of a changing and uncertain world and places cyber attack in the top tier of risks, alongside international terrorism, a major industrial accident or natural disaster, and international military crisis. GCHQ, in concert with Security Service (also known as MI5) and the Secret Intelligence Service (also known as MI6) play a key role across all of these areas and more. Their work drives the UK Government’s response to world events and enables strategic goals overseas. This image is available for high resolution download at subject to the terms and conditions of the Open Government License at Search for image number 45154332.jpg ------------------------------------------------------- Photographer: GCHQ/Crown Copyright Image 45154332.jpg from For latest news visit Follow us:

by Xinhua writers Gu Zhenqiu, Gui Tao

LONDON, Aug. 10 (Xinhua) — The British government has announced to update and strengthen data protection laws through a new Data Protection Bill, a welcome step in the digital era when the leakage of personal information has become a worrisome problem worldwide.

From Europe to Asia, and to America, almost every country, either developing or developed, has been haunted by such a problem — millions of Internet users’ personal information was hacked, raising concerns about web security and triggering widespread panic.

The new bill, designed to sign European privacy rules into British law, as well as update the existing Data Protection Act which has remained unchanged in the island country since 1998, aims to give the British public greater control over personal data.

The new bill expands the definition of “personal data” to include IP addresses, internet cookies and DNA.

Under the new measures, everyone responsible for using data has to follow even stricter rules called “data protection principles.” They must make sure the information is used fairly and lawfully, for limited, specifically stated purposes and in a way that is adequate, relevant and not excessive.

At the same time, the personal information should be kept for no longer than is absolutely necessary.

In practice, the new requirement will be subject to some exemptions, but may cause a headache for businesses, some of whom may not have data stored in files or on analogue tapes, making it difficult to sort their data.

Worse still, there are many ways data can be put at risk — software vulnerabilities, lost hard drives and CDs, malicious insiders, poor security.

They can only lead to infamous data breaches. Over the last two years, 22 such most notorious cases were reported in Britain.

Even the United States, the single superpower in today’s world, cannot be immuned from these problems in protecting individual information when people are using big data to analyze how to offer better services to target consumers.

For instance, 198 million Americans’ personal information was accidentally released, according to reports from the United States in June.

Undoubtedly, larger and more serious breaches lie ahead.

The new British Data Protection Bill is not expected to remove root causes of data leakage.

Many experts have already warned that businesses are totally unprepared for the new rules coming into force in Britain. Given the high fines for offenses, companies may be stung before getting their houses in order.

Furthermore, some argued that the extent of the reforms are unclear — important personal data such as health records or data of scientific importance may be protected, but at this stage, it is unclear exactly what the exemption may be.

When a lot of questions are raised about web security, it is a desired development to use law as a weapon to keep personal information from being leaked.

In fact, the new measures mark only the first step forward. They will be tested in its implementation.