There are allegations of a St Helens council data breach involving recently resigned council leader, Barrie Grunewald.
Any council data protection breach can be serious and can pave the way for legal cases for victims of such a breach; especially when it comes to the nature of the data councils hold. This incident, however, is a little unclear in terms of exactly what has happened.
Police are said to be investigating the alleged data breach which is thought to involve images from a group WhatsApp conversation between St Helens politicians which were allegedly obtained from a mobile phone and subsequently distributed. Mr Grunewald has said that the allegations are “spurious”, and police investigations remain ongoing.
A spokesperson for Merseyside Police said:
‘We can confirm that we’re investigating an allegation of a possible data breach reported at St Helens Council. Enquiries are ongoing to establish whether any criminal activities have taken place.’
We’ll be keeping an eye on developments of this story, particularly when it comes to the police investigations and whether the Information Commissioner’s Office (ICO) need to be involved. At present, we do not have any additional details about the allegations or the investigations.
The importance of data protection for councils
Councils and local authority agencies are responsible for a vast wealth of personal and often sensitive information, which is why it’s imperative that councils properly safeguard and secure the data they hold.
Anyone in the employment of the local government should know their responsibilities when it comes to protecting data and not sharing data without clear and proper consent.
Despite the wealth of the information they hold and the importance of councils’ responsibilities to safeguard the data they have, the public sector – and local government directly – are often in the news for data protection breaches, leaks and hacks. Recent events have made it abundantly clear that councils remain a target for hackers and are incredibly vulnerable to leaks and breaches as well.
The new GDPR coming into force this month may well force the hand of councils to start taking data protection responsibilities more seriously. Council data breaches can cause serious harm to the victims, and a preventative – not reactive – attitude should always be adopted.