Feeds

ICO issues first website enforcement order

Search site breaches data protection laws

The Power of One eBook: Top reasons to choose HP BladeSystem

The operator of a website designed to allow searches for people's contact details has been issued with an enforcement order by the Information Commissioner's Office (ICO). It is the first time the ICO has issued an order over a website.

The ICO says that B4U, a Birmingham company which performs searches for information on individuals at b4usearch.com, is in breach of the Data Protection Act (DPA). B4U says it has not received any notification of an order.

The ICO says B4U has breached the Act by using electoral roll data from before 2002. After 2002, people filling in an electoral roll form could choose to be excluded from the public register. The ICO also says the company ignored requests from individuals for their details to be removed, which is in contravention of the Act.

"We will take action against organisations that don't process personal information in line with the requirements of the Act and cause significant concern to individuals," said Mick Gorrill, head of regulatory action at the ICO. "People have an important right under the Data Protection Act to know that their personal information is sufficiently protected."

The ICO said that it had received 1,600 complaints about the site, many saying that B4U did not remove their personal details when requested.

B4U owner Raj Banga said no notice has been received, and the company has never refused anyone a request for data removal. "We don't refuse anyone removal from the site, that has never happened," said Banga. He said that at one point requests for removal were so numerous that they were taking up to three weeks to process, but that none was refused.

"People who complained to the ICO about b4usearch.com included a police officer whose family's names and addresses, along with a map to their house, appeared on the website and an individual who had previously been a victim of identity fraud," an ICO statement said. "Both were concerned about the availability of their personal information and the fact that their requests to b4usearch.com asking for their details to be removed had been ignored."

The B4U website says that written requests for removal will take five days to process and details a premium rate fax line which costs £1.50 per minute which can be used for more immediate removals.

"Some people were looking for much faster removals so we brought in the premium rate fax line. We had to do that because I had to employ more people to process them and the company can only sustain that loss for so long," he said.

Banga said any rulings the company does receive will be adhered to. "We have been co-operative with the ICO and we are not in a position to argue with them," he said. "We are not the type of company to do that. If something is illegal, then we can't do it."

The ICO's statement said because of B4U's breaches of the DPA, "damage or distress to individuals was likely to have been caused by information being processed in this way". A spokesman confirmed that this could open the way to a civil case against B4U for damages, but that no such case had yet been brought.

"I can't comment on whether there will be a case, but all this information has been readily available for years, this is information you can find in your local library," said Banga.

Copyright © 2006, OUT-LAW.com

OUT-LAW.COM is part of international law firm Pinsent Masons.

Top three mobile application threats

More from The Register

next story
Stick a 4K in them: Super high-res TVs are DONE
4,000 pixels is niche now... Don't say we didn't warn you
BBC goes offline in MASSIVE COCKUP: Stephen Fry partly muzzled
Auntie tight-lipped as major outage rolls on
Philip K Dick 'Nazi alternate reality' story to be made into TV series
Amazon Studios, Ridley Scott firm to produce The Man in the High Castle
iPad? More like iFAD: We reveal why Apple fell into IBM's arms
But never fear fanbois, you're still lapping up iPhones, Macs
Bose says today is F*** With Dre Day: Beats sued in patent battle
Music gear giant seeks some of that sweet, sweet Apple pie
There's NOTHING on TV in Europe – American video DOMINATES
Even France's mega subsidies don't stop US content onslaught
You! Pirate! Stop pirating, or we shall admonish you politely. Repeatedly, if necessary
And we shall go about telling people you smell. No, not really
Too many IT conferences to cover? MICROSOFT to the RESCUE!
Yet more word of cuts emerges from Redmond
Joe Average isn't worth $10 a year to Mark Zuckerberg
The Social Network deflates the PC resurgence with mobile-only usage prediction
prev story

Whitepapers

Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
Application security programs and practises
Follow a few strategies and your organization can gain the full benefits of open source and the cloud without compromising the security of your applications.
How modern custom applications can spur business growth
Learn how to create, deploy and manage custom applications without consuming or expanding the need for scarce, expensive IT resources.
Securing Web Applications Made Simple and Scalable
Learn how automated security testing can provide a simple and scalable way to protect your web applications.