The Cost of Taking Client Records
A recent statement from the Information Commissioner’s Office (ICO) warns people to think before taking client records to a new company. The information also applies to employees who leave a job to start their own business.
ICO states that a former waste disposal employee who left his job, taking information about previous clients with him, has been prosecuted and fined.
Mark Lloyd, who worked at Acorn Waste Management Ltd in Shropshire, emailed the details of 957 clients to his personal email address as he was leaving to start a new role at a rival company. The documents contained personal information including the contact details and purchase history of customers and commercially sensitive information.
Appearing at Telford Magistrates’ Court on 26 May, Mr Lloyd pleaded guilty to unlawfully obtaining data and was prosecuted under section 55 of the Data Protection Act. He was fined £300, ordered to pay a victim surcharge of £30 and £405.98 costs.
Steve Eckersley, head of enforcement at the ICO said: “Taking client records that contain personal information to a new job, without permission, is a criminal offence.
“Employees need to be aware that documents containing personal data they have produced or worked on belong to their employer and are not theirs to take with them when they leave. Don’t risk a day in court by being ignorant of the law.”
The ICO explains that unlawfully obtaining or accessing personal data is a criminal offence under section 55 of the Data Protection Act 1998.
The offence is punishable by way of ‘fine only’ in a Magistrates Court or a Crown Court. The ICO continues to call for more effective deterrent sentences, including the threat of prison, to be available to the courts to stop the unlawful use of personal information.
Matthew from Consensus HR says: “Some employees believe they have the right to take key information from their employer and use it to start their own business. This case highlights to businesses what action they can take should this happen.
“It is one of the reasons why we include a restrictive covenant in employees’ contracts if their position or job role involves accessing key customer or business information.
“In addition, we recommend that employees are supported to ensure that they fully understand their obligations under the Data Protection Act 1998 and additional, relevant legislation.”