The Information Commissioner’s Office (‘ICO’) recently prosecuted the former Head of Building Control at Nuneaton & Bedworth District Council in Warwickshire for passing the personal information of rival job applicants to his partner who had applied for an administrative post with the council.
Although not directly involved in the recruitment process, he accessed his employer’s IT system and emailed the details of the nine shortlisted candidates to his work email address and his partner’s Hotmail account. This includes the name, address, phone number and CV of each candidate, along with details of their nominated referees.
Once the breach was discovered the Defendant resigned and his partner, who had been successful in the competition, had her appointment terminated.
The Defendant pleaded guilty before Nuneaton Magistrates’ Court to unlawfully sharing data in breach of the Data Protection Act 1998. The case was disposed of by way of a financial penalty.
An ICO spokesman said:
Not respecting people’s legal right to privacy can have serious consequences, as this case demonstrates. Not only might you face a prosecution and fine, along with the attendant publicity, but you may also lose your job and severely damage your future career prospects.
What steps has your business taken to make sure this doesn’t happen to you?