Private investigators sentenced for unlawfully obtaining personal data
- Students have a right to see how their A-levels and GCSEs were marked
- Estate agent data breach leaves customers open to ID theft
- Students reminded they have a right to see how exams were marked
- Information Commissioner ‘sounds the alarm’ on data breaches within the legal profession
- Digital marketing company receives £50,000 penalty for bombarding people with nuisance calls
- Big data ‘not a game played by different rules’, says regulator
News release: 24 January 2014
Six men who were part of a company that tricked organisations into revealing personal details about customers has today been sentenced for conspiring to breach the Data Protection Act.
Adrian Stanton, 40, ran ICU Investigations Limited in Feltham, Middlesex with Barry Spencer, 41. The pair were convicted at an earlier hearing on Isleworth Crown Court on 20 November 2013. Today Mr Stanton was fined a total of £7500 and £6107 prosecution costs. The ICO awaits the sentencing of Mr Spencer and ICU Investigations Ltd - which will be sentenced as a separate defendant - at a confiscation hearing on 4 April 2014.
Five employees of the company who had previously pleaded guilty to the same offence were also sentenced at Isleworth Crown Court today. Their sentences were:
Robert Sparling (38): £4000 fine and £3000 prosecution costs
Joel Jones (43): £3000 fine and £2500 prosecution costs
Michael Sparling (41) £2000 fine and £2000 prosecution costs
Neil Sturton (43) £1000 fine and £1000 prosecution costs
Lee Humphreys (41) £1000 fine and £1000 prosecution costs
Further details about the case, including the Information Commissioner Christopher Graham’s call for more effective deterrent sentences for this type of offence, can be found in a previous ICO news release on this case.
Notes to Editors
1. The Information Commissioner’s Office upholds information rights in the public interest, promoting openness by public bodies and data privacy for individuals.
2. The ICO has specific responsibilities set out in the Data Protection Act 1998, the Freedom of Information Act 2000, Environmental Information Regulations 2004 and Privacy and Electronic Communications Regulations 2003.
4. Anyone who processes personal information must comply with eight principles of the Data Protection Act, which make sure that personal information is:
- Fairly and lawfully processed
- Processed for limited purposes
- Adequate, relevant and not excessive
- Accurate and up to date
- Not kept for longer than is necessary
- Processed in line with your rights
- Not transferred to other countries without adequate protection
5. If you need more information, please contact the ICO press office on 0303 123 9070.