London, United Kingdom, November 22, 2009 --(PR.com
)-- As a major UK telecoms provider comes under investigation for its role in the misappropriation of its customers’ data, Powerchex warns that the sale of personal information has reached epidemic proportions. This week it emerged that a mobile phone giant is under investigation after a member of staff passed on details of thousands of customers’ data to brokers, who then sold it to rival firms.
With the company suggesting that illegal data sharing may be an industry-wide problem, Information Commissioner Christopher Graham this week stated that he wanted to “close down the entire unlawful industry in personal data.”
Alexandra Kelly is the MD of London pre-employment screening firm Powerchex, and knows the safeguards that handlers of personal or sensitive information should have in place. “The Information Commissioner is very clear on what rules Data Controllers and Data Processors, should adhere to when it comes to obtaining, storing, transmitting and destroying personal data. Buyers of such information must make sure that they understand how the information was obtained and whether it comes from a legitimate source.”
Unfortunately the risk is growing. In the USA, the sharing of personal information is legal and fairly commonplace, and there is relatively little protection for affected individuals. Criminals in the UK are waking up to the idea that data sharing can be a very lucrative practice, with just a small fine for getting caught.
Alexandra Kelly questions the demand for such information; “It is extremely poor practice for any company to rely on information from an unidentified source, information that could have been obtained illegally. The validity of any such data should be considered questionable, as neither its source nor its currency can be authenticated.”
There has been some good news, with the announcement that the government intends to impose prison terms of up to 2 years on those who breach data protection rules; at present only fines can be levied. However, questions remain whether this will provide a sufficient deterrent to individuals who act with criminal intent, or to firms that persistently fail to safeguard sensitive information.