All the latest UK technology news, reviews and analysis

Barclays employee fined £3,360 for illegally accessing customer data

26 Sep 2013

A former employee of Barclays Bank has been fined £3,360 after being found guilty of illegally accessing a customer’s data.

Jennifer Addo was sentenced at Croydon Magistrates Court and prosecuted under section 55 of the Data Protection Act (DPA). The court ordered her to pay a fine of £2,990 for 23 offences, £250 prosecution costs and a £120 victim surcharge.

The case came to light when a customer of the bank was concerned someone had accessed his information to gather details on his children, which was then passed to his partner at the time.

The customer informed the bank of his concerns and it then investigated the incident. Barclays found that Addo had illegally accessed the customer’s details on 22 occasions between 10 May 2011 and 8 August 2011. Her employment with Barclays ended soon after the complaint was raised.

The case again highlights the lack of real enforcement powers that exist with section 55 offences under the DPA, a point repeatedly made by the Information Commissioner’s Office (ICO). 

ICO head of enforcement, Stephen Eckersley, reiterated this after the ruling. "This case proves, yet again, why we need a more appropriate penalty for the crime of personal data theft,” he said.

“With the law as it stands, this prosecution isn’t even recorded on the police national computer, which means that an offender could apply for a job in a high street bank tomorrow and the potential employer wouldn’t be informed about the offence. The current 'fine only' regime is clearly not deterring people from breaking the law.”

Eckersley also noted how hard it is for firms such as Barclays to fully ensure data is protected when its is abused by staff in this manner.

“The banking industry has rigorous procedures and safeguards in place to make sure customers’ details are kept secure. However banks rely on the honesty and professionalism of their staff to ensure that the privileged access given to their records is not abused for personal gain."

The ICO has been pushing for stronger sentencing for some time, with the Ministry of Justice said to be looking into the situation.

  • Comment  
  • Tweet  
  • Google plus  
  • Facebook  
  • LinkedIn  
  • Stumble Upon  
Dan Worth

Dan Worth is the news editor for V3 having first joined the site as a reporter in November 2009. He specialises in a raft of areas including fixed and mobile telecoms, data protection, social media and government IT. Before joining V3 Dan covered communications technology, data handling and resilience in the emergency services sector on the BAPCO Journal

View Dan's Google+ profile

More on Law
What do you think?
blog comments powered by Disqus

BYOD vs CYOD vs BYOC poll

Which approach is your firm taking to managing employees' mobile devices?

Popular Threads

Powered by Disqus
Sony Xperia Z2 Tablet powered by Android KitKat 4.4

Sony Xperia Z2 Tablet video

We take a look at the lightweight, waterproof tablet

Updating your subscription status Loading

Get the latest news (daily or weekly) direct to your inbox with V3 newsletters.

newsletter sign-up button

Data protection: the key challenges

Deduplication is a foundational technology for efficient backup and recovery


iPad makes its mark in the enterprise

The iPad can become a supercharged unified communications endpoint, allowing users to enhance their productivity

Senior IS Compliance Analyst (Risk Assessments) - Growing area

Senior IS Compliance Analyst / Risk Analyst (Risk Assessments...

Web Designer / UI Front End Developer - Opp in new department!

Web Designer / UI Front End Developer (HTML(5), CSS...

Senior Product Manager x2 (Online & Web Platform) - Global Org

Senior Product Manager x2 (Online, Software & Web...

Senior Web Developer / OO Software Engineer (Learn Ruby!)

Senior Web Developer / Software Engineer (Opportunity...
To send to more than one email address, simply separate each address with a comma.