July 28 2014 Latest news:
by Rory Brigstock-Barron
Monday, January 27, 2014
Islington Council will not be punished for a serious data leak blunder that “put lives in danger”, it was announced this week.
An investigation by the Information Commissioner’s Office (ICO) concluded the town hall should not face a fine – despite releasing the details of residents to a gang of yobs they had complained about.
The council was forced to pay £50,000 for extra policing on the Andover Estate after the names of 51 residents were released to 10 yobs in April 2012.
Six families had to be rehoused and a group of 14 residents each received between £1,000 and £5,000 in compensation after taking joint legal action against the town hall.
Three months later a second leak – in which the council published sensitive details including sexual preference, ethnicity, religion and mental health problems of around 2,400 residents – saw the ICO fine the council £70,000.
Last year councillors set aside £500,000 to pay the fines but will now receive no further financial punishment.
The town hall will, however, accept an information audit from the ICO, expected to take place this autumn.
Leader of the Lib Dem opposition Cllr Terry Stacy said the verdict was a “slap in the face” to those affected.
“I’m extremely disappointed in the ICO,” he said. “It’s a slap in the face to the residents forced to move out of their homes due to the council’s incompetence.’’
At the beginning of 2013, the email addresses of 150 residents were inadvertently made public.
Since the leaks, the town hall says it has “instigated a thorough programme of training and awareness-raising” to make staff more diligent.
Cllr Andy Hull, executive member for finance and resources, said: “The release of this data was a serious matter. It was a case of human error but as we have said all along, that does not excuse it. The council is sorry for the distress this caused.”
An ICO spokesperson said:“We considered the existing measures the council had in place to keep the information secure and the remedial measures introduced by the organisation.
“We also considered how best to ensure requirements are met going forward. It was determined that formal action was not the most appropriate means of promoting future compliance on this particular occasion.
“We will keep a record of the incident and revisit it if similar issues come to our attention.”