Chris
Why was only the agent choosen to be prosecuted by the OIC?
Seems to me if summary correct that BB as a controller themselves would have
a breach of DPA's security principle. Sacking/terminating a Financial
Services agent relationship and leaving the agent with access to customer
personal data seems to and identifiable security risk.
Do we know if OIC took enforcement action against BB regarding any failure
in appropriate security?. If not the prosecution appears to send a message
that its OK for a controller to leave data access links in place after
business relationships terminated.
Was there any indication / discussion in the case of the appropriateness of
the security at BB from where the data acquired?. From a data subject view
Id not be too happy with BB security. Under DPA each 'controller' owes their
security obligation to the data subject.
Any info on the specific DPA offences prosecuted?.
David Wyatt
----- Original Message -----
From: "Pounder Chris" <[log in to unmask]>
To: <[log in to unmask]>
Sent: Tuesday, October 21, 2003 11:32 AM
Subject: [data-protection] DP prosecution B'ham Post
Sacked accountant 'raided' information Oct 21 2003
Guy Newey, Birmingham Post
A disgruntled accountant who illegally accessed banking information worth a
total of £6.3 million was ordered to pay £15,000 at Birmingham Magistrates'
Court yesterday.
Abdullah Dervish (60) from Bearwood Road, Warley, Birmingham, admitted ten
infringements of the Data Protection Act, and admitted another 165 similar
offences.
Dervish, who has been a personal tax accountant in Bearwood for 22 years,
was an agent for Bradford & Bingley and involved in encouraging his clients
to take accounts with the building society.
As part of his work he had access to the company's computers and after they
sacked him at the end of 2000 he began downloading details of individual
accounts, including their balances and addresses.
He then used the details to send letters from the Yorkshire Bank - for whom
he had begun working as an agent - and put the B&B accounts on notice to
close.
Dervish, a member of the Institute of Financial Accountants, targeted the
largest balances, including one with a balance of £70,000.
Some accounts belonged to elderly women who were shaken by the sudden
appearance of a notice of closure letter.
As a result of his actions 78 clients transferred accounts worth a total of
£2.4 million, although many of these were Dervish's personal accounting
clients.
Prosecutor Bernard Thorogood said: "When he was handed the notice he was
clearly annoyed. He said he would not allow his agency to be transferred to
someone else."
Dervish, who had worked as a B&B agent for 16 years, then ordered his
assistant, who the court heard was in no way guilty of any crime, to
download personal details of individual accounts.
The accounts were put on notice to close, which would mean the account
holders would receive letters telling them their accounts were being
terminated.
Dervish would then use the addresses he had obtained to invite people to
transfer their banking to the Yorkshire Bank.
Magistrates's Chair Nancy Littler fined Dervish £1,000 for each of the
charges and ordered him to pay costs of £5,000.
A spokesman for the Commission of Information said it was pleased to see the
courts recognise the seriousness of the offence.
______________________________E-mail confidentiality
__________________________________ This message is intended for the
addressee only. It is private, confidential and may be covered by legal
professional privilege or other legal or attorney/client privilege. If you
have received this message in error, please notify us and remove it from
your system. If you require assistance, please contact our London office
(telephone +44 (0) 20 7490 4000). Masons is an international law firm with
offices in London, Bristol, Edinburgh, Glasgow, Leeds, Manchester, Brussels,
Dublin, Hong Kong, Shanghai, Guangzhou and Singapore. Further information
about the firm and a list of partners is available for inspection at 30
Aylesbury Street, London EC1R OER or from our Web site at www.masons.com
This e-mail has been scanned for all viruses by Star Internet using
MessageLabs SkyScan services. For more information visit: www.star.net.uk.
____________________________________________________________________________
_____________
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
http://www.jiscmail.ac.uk/help/commandref.htm
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
http://www.jiscmail.ac.uk/help/commandref.htm
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|