PL&B UK E-news, Issue 55

1. ICO finds eleven banks in breach of DPA and publishes their security failings

The Information Commissioner’s Office (ICO) yesterday (13.3.07) named and shamed eleven banks and financial institutions for breaching the Data Protection Act.

HBOS, Alliance & Leicester, Royal Bank of Scotland, Scarborough Building Society, Clydesdale Bank, Natwest, United National Bank, Barclays Bank, Co-operative Bank, HFC Bank and Nationwide Building Society were all found to have discarded personal information in waste bins outside their premises. The Post Office and the Immigration Advisory Service were found to have similar security breaches.

The ICO has not yet resorted to prosecuting them, but has asked these organisations to sign a formal undertaking to comply with the data protection principles. They have all done so. A failure to meet the conditions of the undertakings is likely to result in enforcement action. This is yet another example of the ICO’s stricter approach in enforcing the law, and a clear warning to the financial services industry.

Copies of the signed undertakings with details of specific complaints against each bank citing the nature of the personal data discovered and where it was found, are available on the ICO website.

2. Individual wins a compensation settlement in SPAM case

The Scottish courts have ordered an Internet Service Provider, Transcom Internet Services to pay a claim for damages of £750 plus expenses (a total of £864) for spamming. Mr Gordon Dick was successful in suing the company for sending just one unsolicited advertising e-mail. This case is the second ever spam case in the UK to award damages to an individual. The case was settled before it came to a full court hearing.

For further details on the Privacy Laws & Business UK Newsletter, please click here.

Copyright Privacy Laws & Business 2007