PC World Owner Pinged Over Dumping Customer Data

The owner of PC World (DSG Retail Ltd) has been slapped over the wrist by the Information Commissioner’s Office (ICO), after eight completed customer credit agreements, containing personal and financial details, were discovered in a skip at one of its PC World stores.

The news of this latest data protection breach came to light after the ICO was informed by a local authority’s environmental health department that it had found the documents in January 2010.

It seems that the documents concerned transactions two years earlier at the PC World store. According to the ICO, the documents had been retained beyond the period specified in the data controller’s procedures, and disposed of in a manner inconsistent with those procedures.

No Fine

What should have happened was that the data controller should have transported them in sealed containers to a central facility for secure shredding.

“As a result of this incident, the Commissioner also formed the view that the data protection training given to the data controller’s staff was limited,” said the ICO.

The ICO decided not to fine DSG this time, but instead settled for John Browett, chief executive of DSG, to sign a formal undertaking to prevent a similar breach. DSG is required to undertake a number of steps, including reviewing its security procedures and training its staff on how to comply with the company’s security policies.

Earlier this week, the UK Financial Services Authority fined Zurich Insurance £2.2 million for failing to prevent the loss of customers’ confidential information.

Data Breaches

But the ICO itself has still has not issued any fines, despite naming and shaming a whole host of institutions and public service organisations that have been subject to data breaches. In June, for example, the ICO published a list of all the data breaches reported since 2007. Of the 1,007 reported breaches, the NHS was responsible for 305.

The ICO has warned businesses that if they do not own up to data breaches, they will face tougher action than those that come forward of their volition. Companies that fall foul of data breach laws risk a maximum fine of £500,000 under new powers granted to the ICO in January.

Tom Jowitt

Tom Jowitt is a leading British tech freelancer and long standing contributor to Silicon UK. He is also a bit of a Lord of the Rings nut...

Recent Posts

UK’s CMA Readies Cloud Sector “Behavioural” Remedies – Report

Targetting AWS, Microsoft? British competition regulator soon to announce “behavioural” remedies for cloud sector

11 hours ago

Former Policy Boss At X Nick Pickles, Joins Sam Altman Venture

Move to Elon Musk rival. Former senior executive at X joins Sam Altman's venture formerly…

14 hours ago

Bitcoin Rises Above $96,000 Amid Trump Optimism

Bitcoin price rises towards $100,000, amid investor optimism of friendlier US regulatory landscape under Donald…

15 hours ago

FTX Co-Founder Gary Wang Spared Prison

Judge Kaplan praises former FTX CTO Gary Wang for his co-operation against Sam Bankman-Fried during…

16 hours ago