PI firm nicked for pretexting
'Blaggers' get personal info of 250 DWP customers
Agentless Backup is Not a Myth
A private investigation firm has pleaded guilty to obtaining and selling personal information on customers from the Department for Work and Pensions.
The Information Commissioner's Office (ICO) said it had successfully prosecuted Infofind for illegally "blagging" the personal details of over 250 individuals from the department.
The firm and its managing director, Nick Munroe, were convicted of 44 counts of unlawfully obtaining and selling personal information at Kingston Magistrates' Court and fined £3,200.
The magistrate highlighted the "very serious" nature of the offences, fining the company £100 per offence on four counts and Munroe £700 per offence on four counts. No separate penalty was imposed on the remaining matters, but the defendants were ordered to pay £5,000 towards prosecution costs.
Infofind contacted the DWP on a number of occasions in attempts to trace outstanding debtors on behalf of a finance organisation, On:Line Finance. It breached the Data Protection Act despite having a written agreement with On:Line Finance to comply.
On each occasion the blaggers purported to be DWP employees and deceived members of staff into disclosing personal information about individuals. It is an offence under Section 55 of the Data Protection Act to unlawfully obtain, disclose or sell personal information without the consent of the data controller.
Philip Taylor, solicitor at the ICO, said: "Obtaining and selling personal information is a serious offence which can be highly damaging to the individuals concerned. This prosecution is the result of a thorough investigation by the ICO and is part of our ongoing work to stop the illegal trade in personal information.
"Individuals must be confident that their personal information is stored securely by those organisations which hold and process it. The ICO is working with the DWP to provide training for employees on how to deal with these bogus callers."
This article was originally published at Kablenet.
Kablenet's GC weekly is a free email newsletter covering the latest news and analysis of public sector technology. To register click here.
COMMENTS
I don't get it
I just don't get it. They were convicted of 44 counts, but they were only fined for 8 of those? What about the remaining 36 counts they were convicted of? A paltry 3600 pounds doesn't even come close to inferring the "serious" nature of the crimes.
Less than £13 per person
It's really cheap: get this supposedly secure private information on more than 250 individuals, and pay fines totalling £3200. Well done the ICO for prosecuting, but there's not really much point when the penalties are outrageously low.
Can I deduce that the court thinks a £12 fine is a suitable penalty for fraudulently obtaining personal information about me from our government? If so I'd better make sure the government has as little personal information as possible about me - which is getting pretty difficult with all the new measures being implemented by New Labour.
SO, the courts no longer protect us or our freedoms (since a fine of £12 for each person whose information is stolen is no protection at all). Of course that's probably what Tony and his cronies want - if the courts were to protect our freedoms the government would have a lot more trouble with adverse decisions from judicial reviews.
Small fine, but...
Yeah, it was a small fine, but think about the £5000 in court costs. These people will not doubt have an eye kept on then after this, so they're likely to be back in court faster if they do it again, so £72 for the fine, and another £5000 for the costs,
IT infrastructure monitoring strategies
Agentless Backup is Not a Myth
Steps to Take Before Choosing a Business Continuity Partner
Enabling efficient data center monitoring
Requirements Checklist for Choosing a Cloud Backup and Recovery Service Provider
