PL&B UK E-news, Issue 99

1. T-Mobile suffers data blunder

T-Mobile staff has been selling personal data relating to customers’ mobile phone contracts to third parties. The company alerted the ICO when it suspected wrongdoing.

It is alleged that the information was being sold on to the service provider’s competitors whose agents were using the material to cold call customers prior to contract expiry dates to offer them an alternative contract. It seems that many thousands of customer account details have been unlawfully obtained.

T-Mobile commented: “T-Mobile takes the protection of customer information seriously. When it became apparent that contract renewal information was being passed on to third parties without our knowledge, we alerted the Information Commissioner's Office. Working together, we identified the source of the breach which led to the ICO conducting an extensive investigation which we believe will lead to a prosecution. Whilst it is deeply regrettable that customer information has been misapproriated in this way, we have proactively supported the ICO to help stamp out what is a problem for the whole industry.”

T-Mobile is able to confirm that no financial data has been passed on to any third parties.

Christopher Graham, the Information Commissioner, said: “Many people will have wondered why and how they are being contacted by someone they do not know just before their existing phone contract is about to expire. We are considering the evidence with a view to prosecuting those responsible and I am keen to go much further and close down the entire unlawful industry in personal data. But, we will only be able to do this if blaggers and others who trade in personal data face the threat of a prison sentence. The existing paltry fines for Section 55 offences are simply not enough to deter people from engaging in this lucrative criminal activity. The threat of jail, not fines, will prove a stronger deterrent.”

For further details on the Privacy Laws & Business UK Newsletter, please click here.

Copyright Privacy Laws & Business 2009