ICO slams Newcastle council after theft of unencrypted laptop

The Information Commissioner's Office (ICO) has criticised a group that works with young offenders after the personal details of 100 young people were put at risk by the theft of an unencrypted laptop.

Newcastle Youth Offending Team, part of the children's services division at Newcastle City Council, confirmed that the device was stolen from the home of a contractor working for the organisation in January.

The laptop contained the names, addresses, dates of birth and the schools attended by those on its database.

On investigating the case, the ICO said that, while the organisation had a contract in place with the contractor, it failed to include obligations relating to data protection.

Sally-Anne Poole, acting head of enforcement at the ICO, once again urged those charged with keeping data secure to use encrypted devices and regularly check that policies are being followed.

"Encryption is a basic procedure and an inexpensive way to ensure that information is kept secure. But, to their detriment, not enough data handlers are making use of it," she said.

"This case also highlights how important it is to ensure that watertight procedures are in place before any work is undertaken by contractors. Organisations shouldn't simply assume that third parties will handle personal data in line with their usual standards."

The incident is another in a long line of cases involving unencrypted devices causing personal details to be put at risk as the ICO's repeated calls for improved data security measures continue to go unheard.

On Thursday, information commissioner Christopher Graham received backing from MPs for the government to introduce the possibility of jail sentences for those who wilfully breach section 55 of the Data Protection Act.