Can a service to help reunite people with their lost laptops run afoul of UK data protection laws? It seems that it might….
David Neal reports:
<blockquote>As you might have discerned, there is something about Lost Laptop, the company that puts itself in between misplaced notebooks and their owners, that we just can’t let go of.
Now the UK data privacy watchdog, the Information Commissioners Office (ICO), has also confirmed that it is taking a closer look at the business and its website.
During our investigation we also contacted the law firm of CMS Cameron McKenna, and Ian Stevens, Partner in the technology and sourcing team, advised us, “In obtaining, accessing, consulting or disclosing individuals’ personal data without their consent Lost Laptop risk[s] being held in breach of both the Data Protection Act and the Computer Misuse Act.”
Following a request for comment about the service, today the ICO confirmed to us that it is looking into the situation, and in a statement said that it regards the business, and the apparent information that it is sharing, as worthy of further investigation.
A spokesperson for the ICO said, “We are concerned at the existence of a web site that appears to be trading in individuals’ lost or stolen laptops, particularly the fact that it is making the content of each laptop, which in some cases may include personal information, available to anyone browsing the site. Any organisation processing personal data must notify with the ICO as a data controller and ensure that adequate safeguards are in place to keep that information safe and secure. This is an important principle of the Act.”</blockquote>
Read more in <a href=”http://www.theinquirer.net/inquirer/news/1564966/uk-ico-looking-lost-laptop”>The Inquirer</a>. In a <a href=”http://www.theinquirer.net/inquirer/news/1564769/closer-look-lost-laptops”>previous story</a>, Neal explained how the site works.