PI firm nicked for pretexting
'Blaggers' get personal info of 250 DWP customers
A private investigation firm has pleaded guilty to obtaining and selling personal information on customers from the Department for Work and Pensions.
The firm and its managing director, Nick Munroe, were convicted of 44 counts of unlawfully obtaining and selling personal information at Kingston Magistrates' Court and fined £3,200.
The magistrate highlighted the "very serious" nature of the offences, fining the company £100 per offence on four counts and Munroe £700 per offence on four counts. No separate penalty was imposed on the remaining matters, but the defendants were ordered to pay £5,000 towards prosecution costs.
Infofind contacted the DWP on a number of occasions in attempts to trace outstanding debtors on behalf of a finance organisation, On:Line Finance. It breached the Data Protection Act despite having a written agreement with On:Line Finance to comply.
On each occasion the blaggers purported to be DWP employees and deceived members of staff into disclosing personal information about individuals. It is an offence under Section 55 of the Data Protection Act to unlawfully obtain, disclose or sell personal information without the consent of the data controller.
Philip Taylor, solicitor at the ICO, said: "Obtaining and selling personal information is a serious offence which can be highly damaging to the individuals concerned. This prosecution is the result of a thorough investigation by the ICO and is part of our ongoing work to stop the illegal trade in personal information.
"Individuals must be confident that their personal information is stored securely by those organisations which hold and process it. The ICO is working with the DWP to provide training for employees on how to deal with these bogus callers."
This article was originally published at Kablenet.
Kablenet's GC weekly is a free email newsletter covering the latest news and analysis of public sector technology. To register click here.
Sponsored: The Nuts and Bolts of Ransomware in 2016