'Big Brother Blair' using terror threat as an 'excuse to snoop'

Outgoing information commissioner Elizabeth France has attacked government privacy policy formed in the wake of the 11 September terrorist attacks.

The comments came as the Data Protection Commission (DPC) published its accounts for 2001, revealing the regulator, which received £8m in funding last year, made 66 prosecutions over the period.

In a statement accompanying the accounts, France said she was concerned the government has given law enforcement agencies too much power, going beyond preventing terrorism.

She said: "These initiatives have led to a noticeable shift in the balance between respect for an individual's private life and the needs of society to protect itself against such criminal actions. Although this shift has occurred in the name of terrorism, the measures deployed often go much further into areas of more general criminality."

She singled out last year's Anti-Terrorism Act, which gives agencies more power to retain and monitor private individuals' telecoms traffic data, as an area for particular concern.

France also criticised plans to extend the scope of these powers to encompass public health and tax collection, not just issues of national security and general criminality.

She said: "The potential for access, for these much wider purposes, for information that is on the face of it retained only for safeguarding national security, causes us real concern."

The criticism is the latest assault on government policy over alleged snooping policies that have had civil liberties groups up in arms.

Last month David Blunkett was forced to shelve proposals to extend surveillance powers to government agencies other than those concerned with law enforcement, and plans to introduce identity cards have been strongly criticised.

In the meantime organisations such as the Data Protection Commission, which is supposed to safeguard personal data, have been described as "toothless" in fighting these issues. The yearly figures bear this out.

While complaints to the DPC rose by over 50 per cent last year, to more than 12,000 cases, it prosecuted just 66 firms, and gained 33 convictions.

In addition, nearly all of these were for 'failure to notify' - in other words companies not doing the administration to sign up to the DPC regime - not for real breaches of privacy. The Commission issued just four enforcement notices, the strongest weapon it has in its armoury to stop misuse of data.

Chris Pounder, consultant to the technology group for law firm Masons, said: "Where recent legislation has done a lot to widen the government powers to monitor and gather information, protection mechanisms to counteract this have not been updated."

On the state of the DPC he said: "Clearly it needs to be further financed to enable the staff to do the job they are supposed to do. It has to be given more funds to recognise the improved status of the Data Protection Act, which has not been recognised so far."