ICO penalties for not encrypting sensitive personal data

Fearghas McKay fearghas at gmail.com
Sun Oct 28 19:50:19 GMT 2012

Tell the Guardian or other national rag?

sent from my computerised otterbox - apologies for formatting etc.  

On 28 Oct 2012, at 11:55, Gary Mulder <flyingkiwiguy at gmail.com> wrote:

> On 26 October 2012 10:25, Peter Tomlinson <pwt at iosis.co.uk> wrote:
>> Smart Card News has today reported:
>> Penalty Highlights Need for Encryption of Sensitive Data
>> The Information Commissioner's Office (ICO) is reminding organisations that sensitive personal information should be encrypted when being stored and sent electronically.
>> The news comes as Stoke-on-Trent City Council receives a monetary penalty of GBP 120,000 following a serious breach of the Data Protection Act that led to sensitive information about a child protection legal case being emailed to the wrong person.
> That's interesting. I discovered today a website that intentionally makes false claims of using SSL, and Visa 3D Secure or Mastercard SecureCode, but in fact accepts credit cards online in plain text. How do you get the ICO to investigate such blatant misrepresentation and violations?
> Gary
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.chiark.greenend.org.uk/pipermail/ukcrypto/attachments/20121028/9ccb2ace/attachment.html>

More information about the ukcrypto mailing list