The law and its impact on the way data security issues are addressed

Information technology can be used to ensure openness or to effect security; to enhance privacy or to erode it. The technical ability is available to make messages instantly accessible worldwide, using, for example, the Internet, or to secure IT using powerful encryption algorithms. The question the author poses is not, therefore: “is IT safe?”, but “how safe does the information held need to be and from whom should it be kept?” The current framework of law is provided by the Data Protection Act 1984. It requires the balancing of two freedoms-the right to free exchange of information, and the right to privacy. Or as the Council of Europe Treaty 108 says, in setting the context of the Convention, “it is necessary to reconcile the fundamental values of the respect for privacy and the free flow of information between peoples”. The equation is not a simple one to balance for there is a need to be aware of issues such as commercial confidentiality and-on the other side-the overriding of the privacy rights of the individual in the interests of state security or for the prevention and detection of crime