ICO: You call that a sentence? Courts need power to hit data thieves harder

Tooth-poor watchdog points out weakness of court

Cash on scales. Pic: Images Money, Flickr

Blighty's data watchdog has moaned that the UK's courts needs greater powers to impose penalties on data thieves after a woman was slapped with a £1,000 for flogging 28,000 customer records for £5,000.

Sindy Nagra, 42, from Hayes, was issued the fine by Isleworth Crown Court on Friday. She was an admin assistant at a car insurance business Enterprise Rent-A-Car, and was responsible for processing customer details sent to the car rental company by an insurance company.

She pleaded guilty to unlawfully obtaining, disclosing and selling personal data, a criminal offence under section 55 of the Data Protection Act. Courts can issue unlimited fines for the offence, but not custodial sentences.

The Information Commissioner Christopher Graham said: “This fine highlights the limited options the courts have. Sindy Nagra got £5,000 in cash in return for stealing thousands of people’s information.

"She lost her job when she was caught, and has no money to pay a fine, and the courts have to reflect that. But we’d like to see the courts given more options: suspended sentences, community service, and even prison in the most serious cases.

Ironically, the ICO itself has come under fire for not going far enough in the number of fines it issues for data breaches. ®




Biting the hand that feeds IT © 1998–2018