Follow Slashdot blog updates by subscribing to our blog RSS feed


Forgot your password?

Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).

Privacy Businesses Your Rights Online

UK Company Sold Workers' Secret Data 122

Posted by kdawson
from the art-of-the-blacklist dept.
krou writes "The BBC is reporting that the Information Commissioner's Office has shut down a company in the UK for a serious breach of the Data Protection Act. It claims that the company, The Consulting Association in Droitwich, Worcs, ran a secret system that it repeatedly denied existed for 15 years, selling workers' confidential data, including union activities, to building firms, allowing potential employers to unlawfully vet job applicants. About 3,213 workers were in the database, and other information included data on personal relationships, political affiliations, and employment histories. More than 40 firms are believed to have used the service, paying a £3,000 annual fee, and each of them will be investigated, too." The article says that The Consulting Association faces a £5,000 fine — after pulling in £1.8 million over 15 years with its illegal blacklist.
This discussion has been archived. No new comments can be posted.

UK Company Sold Workers' Secret Data

Comments Filter:
  • Tortuous? (Score:3, Interesting)

    by DoofusOfDeath (636671) on Friday March 06, 2009 @09:51AM (#27090567)

    The article says that The Consulting Association faces a £5,000 fine â" after pulling in £1.8 million over 15 years with its illegal blacklist.

    Are they also open to civil lawsuits from affected employees?

  • by krou (1027572) on Friday March 06, 2009 @10:00AM (#27090675)
    The Data protection act has been around for about 10 years already in the UK, and from what I can understand, the electronic database has been around for 15 years. They didn't recently digitize it. Of course, before then, it's anybody's guess, but these guys could have been prosecuted 10 years ago.
  • by Anonymous Coward on Friday March 06, 2009 @10:09AM (#27090783)

    A few key details were left out of the article.

    1.) Did the workers agree to background checks?
    2.) Was the information provided false?

    If no to #1 or yes to #2, they have grounds to sue the company individually. The fine is only from the government. This happens every day in the US, but you don't hear much uproar.

  • Re:Tortuous? (Score:3, Interesting)

    by krou (1027572) on Friday March 06, 2009 @10:24AM (#27090945)
    Yeah, not going to be too easy, but at least they're taking it seriously and offering help. According to news on the ICO's website [], "From 16 March the ICO will operate a dedicated enquiry system for people who believe personal information about them may be held on the database. Members of the public are advised not to contact the ICO until 16 March."
  • by u38cg (607297) <> on Friday March 06, 2009 @10:35AM (#27091079) Homepage
    I think the fine is a legal maximum; when the law was written it was never envisaged that a company would be abusing data in this way.

    Am I right in thinking that a company doing this would, in general, be entirely legal in the US?

  • by Cally (10873) on Friday March 06, 2009 @10:38AM (#27091127) Homepage
    That's the infuriating aspect of this for some of us in the infosec world. This wasn't "selling private data", it was a good old-fashioned blacklist of "troublesome" employees who did annoying things like joining unions, complaining about health and safety violations (construction's very dangerous in the UK, I think it's ~100 deaths a year, and you can work out the ratio of deaths to maimings and career-ending injuries.) What they did was vile and evil, and the companies (huge mainstream FTSE-listed corporations, mostly) should be taken to the fucking cleaners as a clear sign that this sort of thing is illegal for good reasons, and will not be tolerated. However it's got FA to do with "leaking of personal data"; the headlines here, on the Beeb and even El Reg have been totally misleading.
  • Re:Common practice (Score:1, Interesting)

    by Anonymous Coward on Friday March 06, 2009 @04:53PM (#27097045)

    In fact, this Guardian article [] suggests that Ian Kerr, the man behind this company, used to work for the Economic League.

The use of money is all the advantage there is to having money. -- B. Franklin