The Information Commissioner's Office (ICO) has again called for individuals who knowingly break the Data Protection Act (DPA) to face the possibility of a jail sentence.
Responding to a call for evidence (PDF) from the Ministry of Justice (MoJ) on the current legislative framework for data protection, the ICO said that not enough is being done to deter people from deliberately misusing personal data.
"The Information Commissioner considers that the trade in personal information justifies the possibility of a custodial sentence for the most serious offences," it said.
"It is widely evidenced that the greatest threat to information security in organisations is individuals, yet the DPA only provides for a fine for those individuals who knowingly or recklessly obtain or disclose personal data, or procure someone else to do this for them."
The government watchdog also said it feels it lacks strong enough powers to investigate procedures within organisations suspected of misusing data.
"The Information Commissioner can in most cases only audit data controllers if they provide their permission. He is currently gathering evidence to show how many data controllers are willing to give this consent when asked and how many refuse," it said.
"Early indications are that private companies are particularly reluctant to accede to his requests."
The call for evidence was issued by the MoJ on 6 July and closed today. The MoJ wants to gauge how the European Data Protection Directive 95/46/EC and the Data Protection Act 1998 are working, and their impact on individuals and organisations.
Geoengineering on the sea floor near glaciers would form a new ice shelf to prevent melting
Alterations in capillary blood flow can be caused by body position change
Curiosity rover is in 'normal mode' but not transmitting scientific data back to base
NatWest outage comes a day after Barclays' IT systems shut out customers and staff