Islington Council has been fined £70,000 by the UK’s privacy watchdog for leaking sensitive data of residents, including information on their mental heath and their housing needs.
The data, which also noted if residents had been a victim of domestic abuse, was leaked after a freedom of information request was made through the What Do They Know (WDTK) website, which publishes responses for all to see online.
When Islington Council uploaded information in late June related to the work of the authorities’ Housing Performance Team, they also published sensitive data related to 2,375 residents in an Excel document.
The data remained on the site for over two weeks, even though the council had been told about the issue early on, until the mistake was spotted by a site admin, according to the Information Commissioner’s Office (ICO).
“This mistake not only placed sensitive personal information relating to residents at risk, but also the highlighted the lack of training and expertise within the council,” said ICO head of enforcement, Stephen Eckersley.
“Councils are trusted with sensitive personal information, and residents are right to expect it to be handled in a proper way. Unfortunately, in this case that did not happen, and Islington Council must now explain to residents how it will stop these mistakes being repeated.
The council has accepted the fine. An Islington Council spokesman added: “We remain extremely sorry for the upset and worry this disclosure may have caused to some people. The council carried out a thorough investigation when this disclosure came to light, and we have since put in place more rigorous checks.
“The person who released the data did not have sufficient knowledge of spreadsheets to recognise the error or to put it right.”
What do you know about Internet security? Find out with our quiz!
Thoma Bravo agrees to acquire Darktrace for $5.32 billion in cash, delivering some welcome news…
Customer adoption of AI services embedded in cloud services continues to deliver results for Microsoft,…
TikTok's 'secret source' algorithm is so core to ByteDance, it would rather shut down US…
After relocating from California to Texas in 2020, Oracle's Larry Ellison now reveals plan to…
Share price hit after Meta admits heavy AI spending plans, after posting strong first quarter…
For third time Google delays phase-out of third-party Chrome cookies after pushback from industry and…
View Comments
Fining a council is just sheer stupidity, effectively its fining the victims as they have to pay it via their taxes.
Any fine on a public body should be paid by those responsible for the wrong doing. If they can't be identified then it should fall on the CEO or equivalent as its their ultimate responsibility.