Sunday, September 01, 2013
Trading our personal data
Today's Telegraph contains a shocking report on the vulnerability of data held on all of us by private companies and public bodies. They say that that the authorities have investigated more than 700 cases of sensitive data
being obtained illegally from organisations such as mobile telephone companies,
councils and the NHS in the last five years.
They add that these cases cover the details of hundreds of thousands of individuals, and include instances where confidential medical information was stolen from official databases. In some cases the personal information was sold on to marketing firms, providing leads for Britain’s burgeoning cold-calling industry, whilst many records were stolen by employees seeking a profit. In other cases, staff used the data in personal feuds:
The Sunday Telegraph, assisted by Big Brother Watch, a privacy campaign group, analysed all prosecutions brought against people for breaching section 55 of the Data Protection Act in the last five years.
The legislation makes it an offence to “knowingly or recklessly” obtain or disclose personal information without the permission of the organisation responsible for the data.
The Information Commissioner is able to prosecute under the Act, while the Crown Prosecution Service generally carries out such prosecutions when police have also brought charges of another offence considered more serious, such as misconduct in a public office.
The analysis disclosed that prosecutors had brought charges for 714 alleged breaches of section 55 in the last five financial years.
The CPS is unable to disclose how many resulted in convictions, but the Information Commissioner’s Office (ICO) has separately, successfully sought convictions for an additional 82 offences.
In total, 14 people were convicted as a result of ICO prosecutions between 2008 and 2013. The CPS was unable to say how many individuals were involved in its prosecutions.
Those prosecuted by the ICO include Darren Hames, a former area manager for T-Mobile, who made thousands of pounds selling details of half a million customers to a former colleague, David Turley. Turley then sold the information on to a company that targeted customers to switch to a rival operator.
The dossier underlines the strength of the case being made by Christopher Graham, the Information Commissioner, to overhaul the Data Protection Act and introduce tougher penalties for abuses. The sooner the government does this the better.
They add that these cases cover the details of hundreds of thousands of individuals, and include instances where confidential medical information was stolen from official databases. In some cases the personal information was sold on to marketing firms, providing leads for Britain’s burgeoning cold-calling industry, whilst many records were stolen by employees seeking a profit. In other cases, staff used the data in personal feuds:
The Sunday Telegraph, assisted by Big Brother Watch, a privacy campaign group, analysed all prosecutions brought against people for breaching section 55 of the Data Protection Act in the last five years.
The legislation makes it an offence to “knowingly or recklessly” obtain or disclose personal information without the permission of the organisation responsible for the data.
The Information Commissioner is able to prosecute under the Act, while the Crown Prosecution Service generally carries out such prosecutions when police have also brought charges of another offence considered more serious, such as misconduct in a public office.
The analysis disclosed that prosecutors had brought charges for 714 alleged breaches of section 55 in the last five financial years.
The CPS is unable to disclose how many resulted in convictions, but the Information Commissioner’s Office (ICO) has separately, successfully sought convictions for an additional 82 offences.
In total, 14 people were convicted as a result of ICO prosecutions between 2008 and 2013. The CPS was unable to say how many individuals were involved in its prosecutions.
Those prosecuted by the ICO include Darren Hames, a former area manager for T-Mobile, who made thousands of pounds selling details of half a million customers to a former colleague, David Turley. Turley then sold the information on to a company that targeted customers to switch to a rival operator.
The dossier underlines the strength of the case being made by Christopher Graham, the Information Commissioner, to overhaul the Data Protection Act and introduce tougher penalties for abuses. The sooner the government does this the better.
Labels: ID