Data theft occurs all over the world, it is unfortunately a matter of life.
However we should distinguish between “data loss”, when somebody loses/misplaces/gives away the “data theft” and when somebody deliberately defeats systems and takes it. Its the difference between throwing your money out of your window and being burgled.
We should never do the former and try to prevent the latter.
In the UK the government seems to have a very different approach. Don’t do anything about the former and ignore the latter.
In the rest of the world its a very different issue:
In Finland the Government did not provide enough protection of data and as a result worked to make changes, but despite this were still found guilty in the ECHR, and so even more changes are afoot.
The UK is appears to be losing data more often than any other government in the world at the moment.
In Korea when data was stolen the police are immediately called and appear to take action. In the US data theft cases have high profile results and fines handed down, which must have a deterrent effect. In Germany the government conducts investigations to try and find out how much personal data is out there, and then tries to clamp down on the issues.
In the UK data is lost all the time, from the Home Office, the Ministry of Justice, the Ministry of Defense, the NHS, and most famously the HMRC.
Yet, despite all of this, no effective measures have been put in place to deal with this.
The ICO has been pushing for tougher sentences, and for people dealing with data illegally, and Section 55 of the DPA creates a criminal offence of stealing data or being reckless in its loss.
Despite this the government is still losing data all the time, there is a trade in personal data and nobody is getting prosecuted, with the exception of a couple of low level accountants.
How many times do the UK Government need to lose data, fail to protect it, or allow the trade to go unpunished before action is taken?
Certainly more than twice!