The Data Protection Act was given a new ‘shine’ in the name of new laws on data sharing. Check out at the Ministry of Justice website Information Commissioner to be given tougher powers’.
Besides giving the Information Commissioner tougher powers, organisations will need to improve transparency and accountability when dealing with personal information.
From the website, Jack Straw Justice Secretary said:
‘As new technologies have developed, the secure storage and careful sharing of personal information held by both the public and private sectors has become paramount.
Strong regulation and clear guidance is essential if we are to ensure the effective protection of personal data.
The changes we propose today will strengthen the Information Commissioner’s ability to enforce the Data Protection Act and improve the transparency and accountability of organisations dealing with personal information. This is very important if we are to regain public confidence in the handling and sharing of personal information.’
So now organizations will also have to add ‘sharing of personal information’ to their corporate governance policy or other ‘know your customer’ or ‘know your data’ policies. How organizations will deal with the data protection, privacy and sharing requirements will certainly add more drama to the arena of edisclosure or ediscovery.
Pretty soon organizations will also have posters on ‘Beware of Data!’. With a list of Do’s and Don’ts (like the ‘Health and Safety’ Notice). I hope the Do’s and Don’ts won’t be 100 pages like the guide from the Information Assurance Advisory Council (UK) (IAAC).
The IAAC published the Second Edition of the Directors and Corporate Advisors to Digital Investigations and Evidence. According to the IAAC website, the purpose of this guide is to make directors and, managers and their professional advisors aware of the issues involved in collecting, analysing and presenting digital evidence. The report can be downloaded here.
A great pity that the guide uses the terms ‘Forensic Computing’ and ‘Forensic Readiness Plan’’and at the same time stipulated that: ‘Although this guide is designed for use within the United Kingdom and the descriptions of the law refer to English law, many of the principles are universal in all jurisdictions’.
I just did a book search using ‘ediscovery’ on amazon.co.uk and got 12 books related to the subject matter. On ‘edisclosure’ I got none. There’re couple of books listed when I used the search term ‘electronic disclosure’ but only one is available on the amazon.co.uk site.
So, the IAAC Second Edition guide is a useful starting point for organisations looking for reliable sources of information on digital investigations and evidence. What’s more it’s free!
Many thanks to the work of the IAAC and to Professor Peter Sommer.