Top executives should face prison if their organisations are found to be responsible for losing customer data.
That's the view of more than a third (35 per cent) of readers who took part in the latest poll by ZDNet.com.au's sister site, silicon.com. The UK publication has called for more serious punishment for data losses.
Other voters were slightly less draconian in their views with 31 per cent suggesting company bosses should be fired for losing data.
The next most popular punishment -- voted for by 21 per cent of respondents and arguably the most likely to come into force -- was for companies who have lost data to be fined.
Naming and shaming was voted for by 11 per cent of silicon.com readers as the best punishment, while just under three per cent said no punishment should be meted out at all.
The poll follows on from the HM Revenue & Customs loss in November 2007 of two CDs containing the details of 25 million people and a flurry of reported incidents since.
The UK Information Commissioner's Office (ICO) recently called for "knowingly or recklessly" breaching the Data Protection Act to become a criminal offence.
Meanwhile, the HM Revenue & Customs loss also prompted Australian Privacy Commissioner, Karen Curtis, to call for more lenient punishment for data breaches than her UK counterpart -- "mandatory reporting that is "proportional to the severity of the data breach".
The Australian Law Reform Commission will be lodging its recommendations to the Attorney General's Department concerning data breach disclosure amendments to the Privacy Act in March this year.
Liam Tung from ZDnet.com.au contributed to this story.
This article got me thinking since I work in the Information Security space.
What constitutes a breach relative to current legislation ?
The following article in the US, provides more food for thought.
http://www.washingtonpost.com/wp-dyn/content/article/2008/02/12/AR2008021201202_pf.html