This topic is quite popular at the moment but can I repeat what I have said in a number of postings over the months. These investigators don't get this info for themselves, they get it for their clients. The IC is now taking the investigations to the clients. Now that client could be your company. Do you know how your arrears department/Credit Control track down your debtors? Who do they use? If they outsource it, do they pay on a no trace no fee basis? If they do ask yourself how much work would you do for nothing?
Also remember there is nothing new with blagging it has been around as an active industry for at least 30 years. In the early 70's Ted Heath set up a special task force to investigate unlawful access to the Police National Computer. I seem to recall that in 18 months they got 19 convictions. A much better hit rate than the IC.
Audit your data flow you might be alarmed at where it takes you.
Chris Brogan
-----Original Message-----
From: This list is for those interested in Data Protection issues
[mailto:[log in to unmask]]On Behalf Of Andrew Cormack
Sent: 24 July 2006 11:01
To: [log in to unmask]
Subject: Re: The Cost of Non-Compliance
I heard an interesting presentation from an OIC solicitor last week on their recent report "What Price Privacy?" where they are asking Parliament to increase maximum sentences for s55 offences to allow up to two years imprisonment. That might concentrate some minds. (see http://www.ico.gov.uk/eventual.aspx?id=17613)
There was also a scary slot on last week's Law In Action (may still be on 'listen again' on Radio 4 is you're quick) on the industry around 'blagging' - fraudulently obtaining other people's personal data from data controllers by making convincing phone calls. The profits to be made by that activity are one of the reasons that s55 offences need to be punished more seriously: fines are a 'business expense', not a deterrent.
Andrew
--------------------
Andrew Cormack
Chief Security Advisor
UKERNA, Atlas Centre, Chilton, Didcot, Ox11 0QS, UK
Phone: +44 (0)1235 822302
Fax: +44 (0)1235 822399
> -----Original Message-----
> From: This list is for those interested in Data Protection
> issues [mailto:[log in to unmask]] On Behalf Of
> Kevin Broadfoot
> Sent: Friday 21 July 2006 19:03
> To: [log in to unmask]
> Subject: Re: The Cost of Non-Compliance
>
>
> >"What is the real risk of non-compliance in FOI, DPA or EIR?
> Has anybody
> >been fined large sums of money? Has anybody lost their jobs?"
>
> Ask your accountant what value he puts on his own and/or the
> organisation's reputation and how much is a large sum.
>
> A couple of a years ago an accountant was fined £10K with £5K
> costs for a
> s55 offence plus named and shamed in the Commissioner's
> annual report.
> Bet that looked good on the professional CV.
>
> And yes some people have lost their jobs - usually following
> the criminal
> conviction that brought them to notice.
>
> Don't want to get it wrong too many times then!
>
> regards,
>
> Kevin Broadfoot
>
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> All archives of messages are stored permanently and are
> available to the world wide web community at large at
> http://www.jiscmail.ac.uk/lists/data-protection.html
> If you wish to leave this list please send the command
> leave data-protection to [log in to unmask]
> All user commands can be found at : -
> http://www.jiscmail.ac.uk/help/commandref.htm
> Any queries about sending or receiving message please send to
> the list owner
> [log in to unmask]
> (all commands go to [log in to unmask] not the list please)
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
http://www.jiscmail.ac.uk/help/commandref.htm
Any queries about sending or receiving message please send to the list owner
[log in to unmask]
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
http://www.jiscmail.ac.uk/help/commandref.htm
Any queries about sending or receiving message please send to the list owner
[log in to unmask]
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|