Feeds

ICO issues first website enforcement order

Search site breaches data protection laws

Top three mobile application threats

The operator of a website designed to allow searches for people's contact details has been issued with an enforcement order by the Information Commissioner's Office (ICO). It is the first time the ICO has issued an order over a website.

The ICO says that B4U, a Birmingham company which performs searches for information on individuals at b4usearch.com, is in breach of the Data Protection Act (DPA). B4U says it has not received any notification of an order.

The ICO says B4U has breached the Act by using electoral roll data from before 2002. After 2002, people filling in an electoral roll form could choose to be excluded from the public register. The ICO also says the company ignored requests from individuals for their details to be removed, which is in contravention of the Act.

"We will take action against organisations that don't process personal information in line with the requirements of the Act and cause significant concern to individuals," said Mick Gorrill, head of regulatory action at the ICO. "People have an important right under the Data Protection Act to know that their personal information is sufficiently protected."

The ICO said that it had received 1,600 complaints about the site, many saying that B4U did not remove their personal details when requested.

B4U owner Raj Banga said no notice has been received, and the company has never refused anyone a request for data removal. "We don't refuse anyone removal from the site, that has never happened," said Banga. He said that at one point requests for removal were so numerous that they were taking up to three weeks to process, but that none was refused.

"People who complained to the ICO about b4usearch.com included a police officer whose family's names and addresses, along with a map to their house, appeared on the website and an individual who had previously been a victim of identity fraud," an ICO statement said. "Both were concerned about the availability of their personal information and the fact that their requests to b4usearch.com asking for their details to be removed had been ignored."

The B4U website says that written requests for removal will take five days to process and details a premium rate fax line which costs £1.50 per minute which can be used for more immediate removals.

"Some people were looking for much faster removals so we brought in the premium rate fax line. We had to do that because I had to employ more people to process them and the company can only sustain that loss for so long," he said.

Banga said any rulings the company does receive will be adhered to. "We have been co-operative with the ICO and we are not in a position to argue with them," he said. "We are not the type of company to do that. If something is illegal, then we can't do it."

The ICO's statement said because of B4U's breaches of the DPA, "damage or distress to individuals was likely to have been caused by information being processed in this way". A spokesman confirmed that this could open the way to a civil case against B4U for damages, but that no such case had yet been brought.

"I can't comment on whether there will be a case, but all this information has been readily available for years, this is information you can find in your local library," said Banga.

Copyright © 2006, OUT-LAW.com

OUT-LAW.COM is part of international law firm Pinsent Masons.

Top three mobile application threats

More from The Register

next story
Sorry London, Europe's top tech city is Munich
New 'Atlas of ICT Activity' finds innovation isn't happening at Silicon Roundabout
Dropbox defends fantastically badly timed Condoleezza Rice appointment
'Nothing is going to change with Dr. Rice's appointment,' file sharer promises
Audio fans, prepare yourself for the Second Coming ... of Blu-ray
High Fidelity Pure Audio – is this what your ears have been waiting for?
MtGox chief Karpelès refuses to come to US for g-men's grilling
Bitcoin baron says he needs another lawyer for FinCEN chat
Did a date calculation bug just cost hard-up Co-op Bank £110m?
And just when Brit banking org needs £400m to stay afloat
Zucker punched: Google gobbles Facebook-wooed Titan Aerospace
Up, up and away in my beautiful balloon flying broadband-bot
Apple DOMINATES the Valley, rakes in more profit than Google, HP, Intel, Cisco COMBINED
Cook & Co. also pay more taxes than those four worthies PLUS eBay and Oracle
prev story

Whitepapers

Designing a defence for mobile apps
In this whitepaper learn the various considerations for defending mobile applications; from the mobile application architecture itself to the myriad testing technologies needed to properly assess mobile applications risk.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.