[Fwd: Re: Co-op Bank and Verified by Visa]
Roland Perry
lists at internetpolicyagency.com
Sat Jun 27 11:34:41 BST 2009
In article <4A44FB1B.40906 at callnetuk.com>, Pete Mitchell
<otcbn at callnetuk.com> writes
>The bank itself has so far refused to explain exactly how it was done.
>I presume that is forbidden under the Data Protection Act.
It's unlikely that the sequence of events in this case was personal
data. They don't want to reveal how it happened.
However banks have been caught trying to distract the victims by saying
that identifying the suspects is a breach of Data Protection, despite
long standing exemptions such as s29(3), and more recent laws which
allow a frightening amount of data transfer in the name of fraud
prevention [eg s68 & 72 of Serious Crime Act 2007].
Locking up the perpetrator would surely prevent further fraud, and it's
not clear that most victims want to know the name and address of the
perpetrator, just the mechanism used so they can be more alert next
time.
--
Roland Perry
More information about the ukcrypto
mailing list