The ICO believes that those who commit such crimes should be sent to prison
Barclays employee Lara Davies, of Barrowash, Derby, has been ordered by the Derby Crown Court to pay a total of £1925 ($3,087, 2,400 EUR) – representing a fine, victim surcharge and prosecution costs – after she illegally accessed the bank statements of her partner’s ex-wife.The unauthorized access came to light after eBay transactions were brought up at one of her partner’s divorce hearings. That's when the ex-wife realized that something was amiss.
The woman was relieved of her duties at Barclays and fined, but the UK’s Information Commissioner’s Office (ICO) highlights the fact that the punishments are too mild for those who commit offense under section 55 of the Data Protection Act.
“High street bank staff have access to financial information on a day-to-day basis, and are expected to treat that privilege with professionalism. When that trust is abused, and the personal data they access is misused, the law is very clear, as this case has shown,” UK Information Commissioner, Christopher Graham explained.
“The only surprise here is that – in an age where our personal information is being stored and accessed by more organisations than ever – the penalties for abusing the system are so inadequate.”
Current legislation dictates that such crimes can be punished only with financial penalties, but the Information Commissioner believes that more effective punishments, including prison sentences, should be applied in order to discourage those who want to violate section 55 of the Data Protection Act of 1998.
“This case illustrates the need for more effective deterrent sentences to be available to the courts, as recommended most recently by Lord Justice Leveson. Unlawful access to personal information is all too easy and all too common - and these days it does not seem to have much to do with the press,” Graham added.