Feeds

Watchdog mulls SOCA's secret dossier of private dicks 'hired to hack, blag'

Did corp goliaths know PIs may have broken law, ponders ICO

Security for virtualized datacentres

The UK's privacy watchdog is now investigating whether corporate giants and others breached the Data Protection Act by hiring private eyes who allegedly hacked systems and blagged personal records.

The Information Commissioner’s Office (ICO) has received a list of 98 companies and individuals probed by the Serious Organised Crime Agency (SOCA) - which had been looking into claims of private investigators unlawfully accessing records and “blagging” personal files to get information for their clients.

SOCA's investigation, dubbed Operation Millipede, resulted in the conviction of four men for fraud last year. On 30 August, SOCA passed more than 20 files related to this investigation to the ICO, including correspondence and receipts between clients and the private gumshoes.

Details of a further nine clients have been withheld by SOCA, at the request of the Metropolitan Police, as they relate to ongoing criminal investigations.

The ICO will now assess the SOCA material to establish whether or not the private dicks' clients were aware that laws may have been broken in obtaining requested information.

SOCA was heavily criticised for sitting on the information for several years: it's claimed the cops' dossier revealed a hive of illegal activity - and a level of wrongdoing that was far more widespread than the allegations of newspaper reporters' voicemail-eavesdropping and blagging that led Rupert Murdoch to close the News of the World.

The ICO can wield several powers, depending on the outcome of the investigation, to end any data snaffling or possibly launch a criminal prosecution. Unlawfully obtaining or accessing personal data, contrary to section 55 of the Data Protection Act 1998, or for failing to notify as a data controller, could result in a prosecution against the customers of dodgy private dicks.

Other enforcement options include a civil action for breaching the Data Protection Act, with monetary penalties of up to £500,000, and enforcement notices and undertakings, to oblige changes in policies or procedures. The ICO will also establish whether the clients fall under the ICO’s jurisdiction. Initial estimates suggesting as many as a quarter of the clients may have been based outside the UK.

"We will liaise with our international counterparts where an organisation or individual appears to have breached the Data Protection Act, but is based abroad," an ICO statement explains.

The ICO warned that even the initial phase of its investigation is likely to take several months. It will not be publishing the list of clients at this stage, it says, so as not to prejudice any potential criminal prosecution. ®

Choosing a cloud hosting partner with confidence

More from The Register

next story
Facebook pays INFINITELY MORE UK corp tax than in 2012
Thanks for the £3k, Zuck. Doh! you're IN CREDIT. Guess not
Big Content outs piracy hotbeds: São Paulo, Beijing ... TORONTO?
MPAA calls Canadians a bunch of bootlegging movie thieves
Google Glassholes are UNDATEABLE – HP exec
You need an emotional connection, says touchy-feely MD... We can do that
Lawyers mobilise angry mob against Apple over alleged 2011 Macbook Pro crapness
We suffered 'random bouts of graphical distortion' - fanbois
Just don't blame Bono! Apple iTunes music sales PLUMMET
Cupertino revenue hit by cheapo downloads, says report
US court SHUTS DOWN 'scammers posing as Microsoft, Facebook support staff'
Netizens allegedly duped into paying for bogus tech advice
Feds seek potential 'second Snowden' gov doc leaker – report
Hang on, Ed wasn't here when we compiled THIS document
prev story

Whitepapers

Why cloud backup?
Combining the latest advancements in disk-based backup with secure, integrated, cloud technologies offer organizations fast and assured recovery of their critical enterprise data.
Getting started with customer-focused identity management
Learn why identity is a fundamental requirement to digital growth, and how without it there is no way to identify and engage customers in a meaningful way.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
Simplify SSL certificate management across the enterprise
Simple steps to take control of SSL across the enterprise, and recommendations for a management platform for full visibility and single-point of control for these Certificates.