recent work

The ICO comes under attack for dropping BT / ACS:Law case on Data Protection breach.

The Guardian has today reported that the Information Commissioners Office (ICO) has dropped its case against BT. The case related to an email sent by BT to law firm ACS:Law which contained confidential  details of more than 500 of its customers, including names, addresses and telephone numbers.

The ICO has confirmed that BT cannot be held responsible for the action – but this decision has angered many, including Privacy International – “This appears to give the green light to companies like BT claiming to have a data protection policy, but failing to adequately enforce it,” Davies of Privacy International said. The privacy pressure group Big Brother Watch said the information commissioner, Christopher Graham, had “bottled it”.

Another online leak of BT customer’s data occurred in the aftermath of the saga, when ACS:Law’s website was attacked. A separate investigation is being conducted in relation to this.

In response, the ICO stated on Monday:  The ICO said on Monday: “We have regular contact with a range of organisations regarding allegations of staff inappropriately accessing or disclosing personal information.
“Where it is found that the data controller has adequate policies and safeguards already in place, the usual and most appropriate outcome in these cases is disciplinary action taken by the employer.
“However, where that employee is accessing records for personal gain, such as selling the data on to third parties, the ICO may open a criminal investigation.”

To read the article in full, go to http://www.guardian.co.uk/technology/2011/feb/01/ico-bt-acslaw now.