Vodafone builds community, sharing via email oops
Sharing email addresses with 415 other punters, that is
Vodafone's recently issued correction to new customers - crediting them with five pounds it had inadvertently billed for internet access - also bundled the email address of the 416 people to whom it was sent.
It's the old "BCC" and "CC" problem, though really a company like Vodafone should know better than to reveal the email addresses of more than four hundred customers to every recipient. Worse than that is the storm of emails as each of them reaches for the "reply to all" button to vent their spleen on the subject of operator incompetence.
The original error was rather mundane - customers who signed up for free Mobile Internet Access were accidentally charged a fiver, which has been credited back to their accounts (before they had to pay it) and Vodafone is very sorry.
Whether the operator will now send apologies to the 416 punters who've had their email addresses compromised we don't know.
The company told us this was the first time anything like this has ever happened - at Vodafone anyway. They said it was clearly down to "human error", though what punishment awaits the human in question remains to be seen.®
Punished? You must be joking. Our data protection legislation does not give any such power for this sort of breach. The worst that will happen will be that IF someone complains to the ICO then the ICO MAY send Vodafone a letter asking them if they have done anything wrong. When Vodafone explain that they made a "mistake" then that will be that. Because the ICO have no power to punish for a retrospective breach. Yet. Lets face it - if the 2006/2007 covert BT/Phorm trials of tens of thousands of customers didn't result in a punishment, a 400 email data breach isn't going to raise the roof is it? We need tougher consumer protection on data privacy and real teeth for the ICO to punish private companies that breach data protection rules or are simply incompetent..
Sure it's from Voda?
Hmm 416 recipients. If it had been 3 more and asking for money, I would have been wondering if it was from the Lads in Lagos....
Only three short
Of an April 1st worthy error