View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Cybersecurity
September 12, 2011

Walsall Council breached Data Protection Act: ICO

Council dumped residents' details 'accidentally' in skip, says watchdog  

By CBR Staff Writer

The Information Commissioner’s Office (ICO) has revealed that the Walsall Council breached the Data Protection Act by "accidentally dumping" hundreds of local residents’ postal vote statements in a skip.

An investigation carried out by the information watchdog found that the council did not have a contract in place with the organisation processing the personal information of residents.

The council also failed to provide their contractor with instructions on how the information should be kept secure, as required under the Act, found the probe.

The ICO said the statements – which were disposed of in March 2011 by an external contractor on the council’s behalf – included people’s names, addresses, dates of birth and signatures.

Despite the council’s best efforts, 951 statements have not been recovered and are believed to have ended up in landfill or been destroyed, added the ICO.

Subsequently the ICO asked the council chief executive Paul Sheehan to sign a formal undertaking to ensure that contracts are put in place with all suppliers hired to process personal data on the council’s behalf.

Content from our partners
Scan and deliver
GenAI cybersecurity: "A super-human analyst, with a brain the size of a planet."
Cloud, AI, and cyber security – highlights from DTX Manchester

ICO Director of Operations Simon Entwisle said: "While councils can hire contractors to process personal information on their behalf, they must remember that they are still ultimately responsible for ensuring people’s information is kept secure. Obviously little thought was given to this when the statements were disposed of in the skip."

"We are pleased that Walsall Council has now taken action to make sure that adequate security measures are put in place."

The ICO said that the council will also make sure that sufficient guarantees are agreed with their suppliers and will carry out checks to make sure that their own data protection polices and information security procedures are being followed.

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.