Reading:
Two former employees were fined by the ICO for misusing personal information
Share:
data protection

Data Leak Lawyers - Begin Your Data Breach Claim Today!

Sign-up to a data breach claim today - use our quick and easy form to begin your claim for thousands of pounds in compensation.

Start Your Claim
Your privacy is extremely important to us. Information on how we handle your data is in our Privacy Policy

solicitors regulation authority

Two former employees were fined by the ICO for misusing personal information

Two former employees who worked at a UK based claims management company illegally obtained information from a car hire company and then used this information to blag calls to an insurance company to illegally obtain personal information of drivers.

They did this in order to try and sell this personal information to solicitors. We ourselves have never bought claims, and never will!

The information included policy holders information and their recent and/or historic road traffic accidents. Within that information, the policy holders’ names, addresses, and contact details would likely have been accessed too.

Ms L. Servers and Ms K. Billington were found by the Information Commissioners Office to have breached data protection laws.

The ICO is the regulator and enforcer of the data protection laws in the UK. They make sure that companies, organisations, and individuals comply with the Data Protection Act and its governing principles. They do not deal with compensation claims, which is where we come in though.

Ms Servers and Ms Billington breached DPA laws when they:

  • Illegally obtained information – the DPA does not allow for unauthorised access to personal information. This responsibility is on the data controller and data processor. The car hire company and insurance company failed in their duty to protect the personal information they held and controlled. The two offenders breached their duty by misusing information they had no business using.
  • Illegally used the personal information obtained – The offenders actively broke the law in directly misusing the personal information they obtained. Since the owners of the personal information had no idea Ms Servers and Ms Billington had access to it, they couldn’t give consent. Without that consent, anything the offenders did with the information was illegal.

Ms Billington pleaded guilty to 8 offences and was given a fine of £320, and then ordered to pay contribution costs of £250 and a victim surcharge of £20.

Ms Servers also pleaded guilty to her offences and was given a fine of £250, contribution costs of £400 and the same victim surcharge amount of £20.

The ICO has a range of enforcement powers when they find a breach of the Data Protection Act. This includes:

  • A financial penalty fine; like with the two offenders above;
  • An undertaking; where offenders promise to do things to prevent further breaches;
  • Enforcement notices; where offenders do things to stop breaches;
  • Custodial sentences; offenders can be given prison sentences for the most serious breaches.

In the past, the ICO has used a range of these enforcement measures on a lot of offenders. From the individual to giant multinational companies, the ICO is not afraid to do what is needed to punish data protection offenders. Hopefully those who hold or have access to personal data will see these enforcement actions as an incentive to make sure they do enough themselves to protect any information they have. Many companies, authorities, and individuals are not aware that they have an active duty to protect data. The more sensitive the information, arguably, the more is needed to protect it.

However, no matter how careful a company is, when it comes to deceptive individuals and highly equipped hackers, personal information does get out. But when that happen, victims don’t have to just sit by and tolerate it; they can seek help to recover compensation for any harm caused.

The content of this post/page was considered accurate at the time of the original posting and/or at the time of any posted revision. The content of this page may, therefore, be out of date. The information contained within this page does not constitute legal advice. Any reliance you place on the information contained within this page is done so at your own risk.

We offer genuine No Win, No Fee agreements for our clients. Why we do this is simple:

Leading Data Breach Lawyers
Our experience speaks for itself.
We will fight for your right to compensation.
Access to Justice
As a victim of a data breach or hack, you deserve your chance to get access to justice.
Risks Assessment
We carefully risk assess your case and take it on if we think we have a good chance of winning the claim.

Request A Callback From Our Team

Fill out our quick call back form below and we'll contact you when you're ready to talk to us.

Your privacy is extremely important to us. Information on how we handle your data is in our Privacy Policy
SRA
Contact
www.dataleaklawyers.co.uk is © of Your Lawyers Limited - we are 'Authorised and Regulated by the Solicitors Regulation Authority (SRA number 508768)'
arrow-up icon