The Information Commissioner's Office (ICO) has again called for individuals who knowingly break the Data Protection Act (DPA) to face the possibility of a jail sentence.
Responding to a call for evidence (PDF) from the Ministry of Justice (MoJ) on the current legislative framework for data protection, the ICO said that not enough is being done to deter people from deliberately misusing personal data.
"The Information Commissioner considers that the trade in personal information justifies the possibility of a custodial sentence for the most serious offences," it said.
"It is widely evidenced that the greatest threat to information security in organisations is individuals, yet the DPA only provides for a fine for those individuals who knowingly or recklessly obtain or disclose personal data, or procure someone else to do this for them."
The government watchdog also said it feels it lacks strong enough powers to investigate procedures within organisations suspected of misusing data.
"The Information Commissioner can in most cases only audit data controllers if they provide their permission. He is currently gathering evidence to show how many data controllers are willing to give this consent when asked and how many refuse," it said.
"Early indications are that private companies are particularly reluctant to accede to his requests."
The call for evidence was issued by the MoJ on 6 July and closed today. The MoJ wants to gauge how the European Data Protection Directive 95/46/EC and the Data Protection Act 1998 are working, and their impact on individuals and organisations.
Claims to have "the most competitive logic density" in the industry
Dell's high-end mobile workstations upgraded with Intel Coffee Lake CPUs
Webstresser admins were also arrested in the UK, Croatia, Canada and Serbia
Security firm claims that 117,638 sites out of 135,035 analysed contain serious security flaws