Business

Policy

UK worker who sold customers' data to nuisance callers must cough up £1k

Thousands of personal details taken unlawfully, court finds

By Rebecca Hill

55 SHARE

A staffer at an accident repair biz has had to pay almost £1,000 after he sold customers' personal data to cold-calling firms.

Phillip Bagnall, who worked at Nationwide Accident Repair Services in Greater Manchester, England, was found to have snaffled up at least 2,700 customers' personal details, which were then used to hassle the customers about their accidents.

The firm was alerted to a potential problem when "large numbers" of customers began to complain that, shortly after using the biz's services, they were fielding nuisance calls.

NARS then called in the cyber security consultants in November 2016, and it was discovered that Bagnall had been accessing suspicious amounts of customer data from a laptop at home, outside of work hours.

After monitoring Bagnall's system use over a week, they found he accessed the data of 2,724 customers without the firm's consent.

The UK's data protection watchdog said that these customers then received unsolicited "and at times aggressive" marketing calls about their accidents.

However, he declined to identify who he had sold the data to during an interview with the Information Commissioner's Office.

Bagnall pleaded guilty to unlawfully obtaining data when he appeared at Manchester and Salford Magistrates' Court, and was slapped with a £500 fine. He was ordered to pay £364 costs and a £50 victim surcharge.

ICO criminal enforcement manager Mike Shaw said it was a warning to people who thought that selling personal info was the way to a quick buck.

"The consequences can be severe," he said. "Not only can it lead to a day in court and the attendant media coverage, but it can cost a person their job and can damage their future career prospects." ®

Sign up to our NewsletterGet IT in your inbox daily

55 Comments

More from The Register

Campaigners call for immigration exemption in UK's Data Protection Act to be scrapped

Judicial review into law launched

Reel talk: You know what's safely offline? Tape. Data protection outfit Veeam inks deal with Quantum

Magnetic strips barrier to ransomware, burble box-flingers

Cambridge Analytica seeks data protection assistant

Jobseeker? You may have heard of it...

US tech circles wagons as India reviews data protection proposals

Ex-Cisco CEO-chaired lobby leading the charge

IT management software crowd Kaseya buys cloudy data protection crew Spanning

Private equity holdings shuffle

Why, hello Rubrik's Trello: Data protection biz leaves productivity tool open to world+dog

Anyone with URL could see lists of case study projects

Uber hack: EU data protection bods launch taskforce

Justice commissioner slams biz for 'irresponsible' behaviour

UK.gov's Brexiteers warned not to push for divergence on data protection laws

As PM lacks specifics on UK’s desired ‘adequacy-plus’ deal

Big tech wants the ICO on EU data protection board in Brexit fallout

Watchdog keeping voting rights 'huge gain' for marketing sector, say Facebook, Google et al

UK regulator moots data protection sandbox for organisations to play in

ICO strategy outlines plans to slurp up academic expertise