The British Justice Select Committee has called upon the government to issue custodial sentences for breaches of the Data Protection Act.

The Committee's report published today states that the fines typically administered for such offences are "inadequate" deterrents, and highlights the limitations in the powers of the Information Commissioner in investigating abuses of personal data. The move has got the thumbs up from security companies who stand to make a killing from a tightening up of the law.

Nick Lowe, VP of Sales EMEA at Privileged Identity Management expert Cyber-Ark, has said there must be tougher personal data abuse laws. "The misuse of privileged access to sensitive information is undeniably widespread and, with reports revealing that even bodies such as the police force have misused their powers, it is completely justifiable for there to be concern about the way that such issues are dealt with in the eyes of the law," he said.

While financial penalties can be a useful tool, at present they do not reflect the severity of the issue at hand. Without the ability to hand out significant fines that outweigh the often lucrative rewards of such offences, there is little to put people off committing these crimes in terms of punishment, he added.

For those incidents that violate the most personal of information, stronger penalties must be brought in - and it will be interesting to see if this goes as far as jail time. One of the biggest problems for the UK government if they adopted the committee's suggestion is that one of the biggest offenders in recent years has been its own Department of Defence which has a habit of losing laptops and thumb-drives.