Information Commissioner Richard Thomas has asked the Government to create a new offence of recklessly or knowing breaching data protection principles punishable by unlimited fines.
He has also asked for other powers to be strengthened.
In a paper presented to Government Thomas said that while the Data Protection Act (DPA) carried a duty for data controllers to comply with the principles of the Act there was no punishment for not doing so.
"The precise form any penalty might take will require careful consideration. The creation of a new criminal offence is an obvious option," said the paper, which has been submitted to Government.
Thomas said that he was not seeking for breach of a new offence to be punishable by jail terms, but by unlimited fines.
Thomas's paper said that such a move would "be a significant step forward in modernising the UK’s data protection regime by reflecting, in the powers of the regulator and the penalties that can be imposed, the enormous growth that has taken place in the collection and use of personal information and the associated potential for harm that can arise from unlawful processing."
"Most importantly [it] would send a clear message that data protection requirements can not be ignored or dismissed.
They must be taken seriously by every organisation that processes personal information," said the paper.
Have you read these related articles?
Newsletter:
