Robert Bond

Firms need to learn from data protection crackdown

Data processing must be checked to ensure data is handled fairly and lawfully, explains Robert Bond

Written by Robert Bond

Computing, 01 Oct 2009

All businesses need to be aware of the implications of the recent Information Commissioner’s Office (ICO) investigation against Ian Kerr trading as The Consulting Association.

The ICO found that he was processing personal information on more than 3,200 workers, which he was selling on to construction companies, including 14 firms against which Enforcement Notices have been served.

While Kerr’s activities were illegal and the information commissioner was able to prosecute him for failing to comply with the Data Protection Act 1998 (DPA), there was apparently no such option to proceed directly against the construction companies.

An Enforcement Notice requires organisations to either take or refrain from taking specified steps to ensure they comply with the law. The ICO can prosecute those who commit criminal offences under the DPA, and failure to comply with an Enforcement Notice is a criminal offence.

Deputy information commissioner David Smith highlighted the issue when he said: “Fourteen firms paid for personal details about construction workers without those people knowing. The individuals were denied the opportunity of explaining or correcting what may have been inaccurate personal information about them and which could have jeopardised their employment prospects in the industry.”

As a result of the lessons from this case, it is clear that all business sectors that use personal data as part of hiring and firing decision-making processes need to re-think their strategy and have in place suitable policies and procedures.

The ICO is focusing on compliance by businesses and expecting them to not only “say what they do” through the use of clear privacy notices but also “do what they say” by complying with those notices and the obligations under the eight data protection principles, which include “fair and lawful processing” of personal data.

Businesses should audit their data processing activities to understand and minimise risk.

Robert Bond is a partner and head of intellectual property, technology and commercial at law firm Speechly Bircham

  • Have your say
  • Send to a friend
  • Print this
  • Share

reader comments

related articles

Man at computerSecurity

Keep data on the right side of the law

Rosemary Jay spells out the legal requirements that all organisations must take into account when formulating their storage strategies 22 Sep 2009

 
Security

One in five firms have breached Data Protection Act

New British standard for data protection aims to help establish best practice 02 Jun 2009

ICO

Private investigator fined £5,000 for breaching Data Protection Act

The Knutsford Crown Court’s decision follows the ICO’s (Information Commissioner’s Office) investigation that revealed Kerr’s covert operation 20 Jul 2009

Security

Data watchdog to move on construction firms as illegal database owner is fined

Man received almost £500,000 for details on construction workers 20 Jul 2009

Security

Guilty verdict in construction worker database case

Information Commissioner refers breach of Data Protection Act to Crown Court for sterner punishment 28 May 2009

related whitepapers

today's top stories

Internet

Face facts: social media is the future

No organisation can afford to ignore the way business communications are changing 18 Mar 2010

Security

Is the data watchdog about to pounce?

Experts believe the Information Commissioner’s Office is itching to use its new power to impose hefty fines for data breaches. Martin Courtney reports 18 Mar 2010

Management

Lloyd’s of London gears up for regulation

CIO Peter Hambling tells Angelica Mari about how the insurance market has updated its IT infrastructure to comply with new regulations 18 Mar 2010

Communications

Protests greet new Digital Economy Bill amendment

ISPs, digital rights groups and Liberal Democrat supporters cry foul 05 Mar 2010

Management

IT Leaders' Forum in association with IBM

A unique opportunity to hear from expert speakers and engage in a debate about the future of the CIO job function 29 Jan 2010

> More news

Advertisement

Subscribe

Keys to successful Serviceā€Oriented Architecture implementation

This white paper explores best practices and general design patterns for service oriented architecture (SOA).

The Roadmap to IT Maturity — Matching Strategy to Infrastructure for Business Success

This paper defines a roadmap for matching infrastructure strategy to business success.

Advertisement

Keep up to date with the latest products, services and technologies from the world's leading IT companies; ITHound.com brings you over 6,000 white papers, case studies and analyst reports.

Advertisement

Newsletter signup

Sign up for our range of FREE newsletters:

More available - click 'submit' to view

Existing User

Newsletter user login:

Jobs

Related jobs

Job of the week

> More IT vacancies

Job alerts

  • Latest jobs to your inbox
Sign up here

Find your next job

IT Salary Checker

  • Are you being paid what you are worth?
Check salary here

Advertisement

Latest poll

NHS centralised data

NHS centralised data

Do you think the NHS can be trusted to safely look after personal data electronically?

View poll results

> More polls

Latest audio and video articles

Video

HP unveils S Series notebooks

'Prosumer' line overhauled 01 Mar 2010

Web Seminar Listings

Preparing for enterprise-scale Windows 7 migration

The web seminar on 18 Feb will discuss how Windows 7 migration can increase IT efficiency in large enterprises, freeing up budgetary and personnel resources to focus on business innovation. Our panel of experts will examine the strategies, tools and services IT leaders can use to migrate successfully and reap the rewards of increased efficiency. 19 Feb 2010

> More audio and video

Latest in-depth articles

Smiths Group CIO Brian JonesAnalysis

Q&A: Brian Jones, CIO, Smiths Group

How should conglomerates be looking at the new IT technologies coming through? Brian Jones explains. 19 Mar 2010

Analysis

What security strategy should enterprises adopt after the recession?

Act now to put your your firm on higher growth path advise CISOs 19 Mar 2010

> More in depth articles

Primary Navigation