Feeds

ICO drops BT, ACS Law probe

Dangerous precedent "worse than usual incompetence"

Beginner's guide to SSL certificates

The Information Commissioner's Office has ended an investigation against BT for handing over customer information to file-sharing-chaser law firm ACS:Law, which then leaked online.

ACS:Law's speciality is sending letters to suspected file-sharers threatening them with expensive legal action unless they send the law firm money for supposed copyright infringement.

Back in September the law firm received details of 500 BT customers in a plain text attachment to an email. This was later leaked online after ACS:Law was hacked. The details were actually customers of PlusNet - which was bought by BT.

But the ICO is quite happy BT can sort the problem out itself.

An ICO spokesperson said: “We have regular contact with a range of organisations regarding allegations of staff inappropriately accessing or disclosing personal information.

“Where it is found that the data controller has adequate policies and safeguards already in place, the usual and most appropriate outcome in these cases is disciplinary action taken by the employer. However, where that employee is accessing records for personal gain, such as selling the data on to third parties, the ICO may open a criminal investigation.”

In other words - it was a member of staff who sent the unencrypted data, and therefore it's not BT's responsibility.

Privacy lobbyists are less impressed. Alex Hanff of Privacy International, which is promising to push for a judicial review of the ruling, said the decision was worse than the ICO's "usual incompetence".

Hanff said: "This is an incredibly dangerous decision for the ICO to have made as it effectively dissolves any pretence that a company is responsible for the actions of their employees at work.

"Christopher Graham has, in essence, now created a Data Protection regime where companies will not be held responsible for the actions of their staff."

More criticism of ICO weakness here.

ACS:Law, which has been criticised by the Law Society, and consumer groups, for its shotgun greymail approach. Andrew Crossley - the lawyer behind ACS:Law - claims to have given up chasing file-sharers. ®

Secure remote control for conventional and virtual desktops

More from The Register

next story
Phones 4u slips into administration after EE cuts ties with Brit mobe retailer
More than 5,500 jobs could be axed if rescue mission fails
Driving with an Apple Watch could land you with a £100 FINE
Bad news for tech-addicted fanbois behind the wheel
Phones 4u website DIES as wounded mobe retailer struggles to stay above water
Founder blames 'ruthless network partners' for implosion
Sony says year's losses will be FOUR TIMES DEEPER than thought
Losses of more than $2 BILLION loom over troubled Japanese corp
Radio hams can encrypt, in emergencies, says Ofcom
Consultation promises new spectrum and hints at relaxed licence conditions
Special pleading against mass surveillance won't help anyone
Protecting journalists alone won't protect their sources
Big Content Australia just blew a big hole in its credibility
AHEDA's research on average content prices did not expose methodology, so appears less than rigourous
Bono: Apple will sort out monetising music where the labels failed
Remastered so hard it would be difficult or impossible to master it again
prev story

Whitepapers

Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
The next step in data security
With recent increased privacy concerns and computers becoming more powerful, the chance of hackers being able to crack smaller-sized RSA keys increases.