Ministry of Defence | Defence News | MOD confirms loss of recruitment data

M J D Brown ukcrypto at chiark.greenend.org.uk
Thu, 24 Jan 2008 11:09:14 -0000


On Wednesday, January 23, 2008 at 9:30 AM, Peter Tomlinson wrote about 
the excuses offered for failures to implement adequate security measures 
in systems processing personal information:

> They use the 'get out of jail' card in the DPA that provides cost as 
> the excuse. Mark Lomas kindly quoted it:
>
> --- quote ---
> Schedule 1, Part II, sections 9 to 12 explain how to interpret this. I 
> would draw particular attention to sections 9 and 10.
>
> "9. Having regard to the state of technological development and the 
> cost of implementing any measures, the measures must ensure a level of 
> security appropriate to—
> (a) the harm that might result from such unauthorised or unlawful 
> processing or accidental loss, destruction or damage as are mentioned 
> in the seventh principle, and
> (b) the nature of the data to be protected.
> --- end ---

These words are a recognisable statement of part of the "as low as 
reasonably practical (ALARP)" principles embodied in UK safety case law 
following the Piper Alpha and Kings Cross fire disasters.  It is my 
understanding that the above codification was lifted subsequently from 
the safety domain into the unclassified-but-sensitive information domain 
covered by the DPA.  It is, however, important to recognise that the 
above Sections 9 and 10 should therefore only take effect at the point 
of _disproportionate_ cost increment to _mitigate_ a residual security 
hazard.  The ALARP principle would never justify completely ignoring an 
identified hazard.

The reference to the 'state of technological development' in Section 9 
is also echoed in the 'development risk' defence provided in the UK 
Product Liability legislation.  ALARP is also the fundamental principle 
embedded in the IEC61508 Standard, largely at the initiative of the UK 
Delegation to the international drafting committee.

Mike.