PL&B UK E-news, Issue 46

1. HSBC’s Indian call centre leaks UK customer data

Twenty UK customers of HSBC bank are said to have suffered a substantial financial loss due to their financial and personal details ending up in the wrong hands in India. HSBC has admitted that some of its UK customers have been affected by call centre fraud, as their security, personal and credit card information has been passed on to fraudsters by an employee of the bank’s Bangalore-based call centre. While the bank is not confirming the amount of losses, they have been reported to be more than £200,000 (BBC, 28th June 2006).

Read more about this in the next PL&B UK newsletter, due to be published at the end of July.

2. ICO stops website from collecting personal data

The Information Commissioner has issued an Enforcement Notice against a website operator,, to prevent it from using personal information from electoral registers that were published before 2002. Prior to 2002, individuals had no choice over whether their personal details from the electoral register were sold on to other organisations. The ICO is now planning to investigate other companies using pre-2002 electoral register information.

3. Banks ask to process data on child porn convictions

The Police may soon be able to let credit card issuers have information about criminal convictions related to child pornography. The Draft Data Protection (Processing of Sensitive Personal Data) Order 2006 would allow credit card issuers to process sensitive personal data on offenders who have been convicted for crimes relating to indecent images of children (in cases where a card has been used to commit the offence).

The order would create a new schedule 3 condition to ensure that all credit card issuers can process the facts of convictions for the purposes of closing down an account, or otherwise administering it. Although credit card issuers are already able to do so, based on contracts between them and customers, they have found it difficult to exercise that right without details of convictions and cautions.
The Information Commissioner is said to be broadly content with this draft order, which was proposed by the Association for Payment Clearing Services (APACS).

The Fifth Standing Committee on Delegated Legislation discussed the draft order on 5th July.

4. ICO issues guidance for financial advisors

The Information Commissioner’s Office released, on 28th June, a good practice note specifying financial advisors’ responsibilities when handling client information. The guidance, aimed at firms of tied agents and independent financial advisors, addresses issues such as who has control of personal information. Disputes often arise when advisors take client information with them when they leave to join another firm.

For further details on the Privacy Laws & Business UK Newsletter, please click here.

Copyright Privacy Laws & Business 2006