ICO prosecutes company employees for unlawfully accessing client data

A former employee of Lex Autolease Ltd has been prosecuted and fined under section 55 of the Data Protection Act 1998. The employee illegally accessed personal data records of 551 customers of the Company which related to road traffic accidents. The employee accessed the records on his employer's computer and then emailed them to his private email address, which he then sold to a third party as personal leads.

Section 55 covers the unlawful obtaining, disclosing or procuring of personal data, which is a criminal offence. The ICO has warned that employees should “be aware that documents containing personal data they have produced or worked on belong to their employer and are not theirs to take with them when they leave.”

Currently the offence is punishable by way of a fine only, but the ICO continues to call for more effective deterrent sentences, including the threat of prison, to be available to the courts to stop the unlawful use of personal information.

The employee pleaded guilty to two charges under section 55 of the DPA at Manchester Magistrates' Court. He was fined £500 and ordered to pay prosecution costs of £364 and a £25 victim surcharge.

Employers should notify the ICO if they are concerned that an individual is misusing personal data, especially if those individuals have access to customer data or are moving to competitors. Informing the ICO will assist in the company avoiding any criticism for covering up or not taking proper action to remedy a data breach.

It is important that employees who have access to commercially sensitive information are employed on strict contractual terms. Such terms should include express confidentiality provisions applying during and after termination of employment and obligations to return all company property and information when leaving the company.

This case demonstrates that the consequences of an employee taking any confidential or customer information can be a criminal offence, in addition to any other consequences arising from a breach of their employment obligations. Whilst the threat of a criminal sentence may be a deterrent, employers should also have in place appropriate security measures supported by policies, procedures and well-trained staff in order to minimise the risk of personal data being compromised. These protections should not only seek to prevent confidential information being stolen in the first place, but also from being used subsequently.

CONTACT CHRIS

If you would like more information or advice relating to this article or an Employment law matter, please do not hesitate to contact Chris Cook on 01727 798089.

© SA LAW 2019

Every care is taken in the preparation of our articles. However, no responsibility can be accepted to any person who acts on the basis of information contained in them alone. You are recommended to obtain specific advice in respect of individual cases.
The team at SA Law LLP has ‘excellent knowledge of employment law’. Practice head Chris Cook is recommended.
The Legal 500
SA Law Work Life red mug and glasses
Stained glass window Employment SA Law
Views & Insights
CEO and average worker pay gap reporting launches

Latest comment in HR Magazine: Keely explains what HR teams should know about the CEO and average worker pay gap regulations, which come into force in…

Read More
Stained glass window Employment SA Law
Views & Insights
Deliveroo riders’ lose latest challenge to their employment status

The latest development in the Deliveroo gig-economy case sees riders appeal for trade union representation denied

Read More
Stained glass window Employment SA Law
Views & Insights
Vegan takes employer to tribunal over 'philosophical beef'

Partner, Chris Cook comments on the recent tribunal over an ex-employee claiming he was sacked for being vegan.

Read More
Chris Cook handles the full range of employment law for both individuals and organisations. He receives particular recognition for his strong TUPE expertise.…
Chambers & Partners
Phone Box with Man in a Bowler Hat
Stained glass window Employment SA Law
Views & Insights
Is veganism a protected characteristic?

Partner Chris Cook, writes about the recent case brought by Jordi Casamitjana against the LACS.

Read More
SA Law Red arrow neon light image
Views & Insights
GDPR - 6 Months On

Partner and Head of Employment & Data Protection Chris Cook comments on the impacts of GDPR over the past 6 months.

Read More
Stained glass window Employment SA Law
Views & Insights
Don't take career advice from the story of Killing Eve

Partner, Keely Rushmore writes in City AM about the employment law 'no-nos' in the popular BBC TV series Killing Eve.

Read More
SA Law commuters on London Bridge
Views & Insights
UK's post-Brexit immigration policy is highly damaging for hospitality

Immigration solicitor, Gemma Jones comments in Big Hospitality about the impact of Brexit on the UK hospitality sector.

Read More
SA Law Red arrow neon light image
Views & Insights
ICO publishes passwords and encryption guidance

Partner, Chris Cook, identifies the new ICO guidance on passwords in online services and encryption under GDPR.

Read More