The UK's privacy watchdog revealed that it does have
some teeth afterall when it raided the company responsible for
running an illegal database on "problem" construction industry
workers.
The
Information Commissioner's Office (ICO)
seized the database, which contained details of employment
history and trade union activities of construction workers, from
the Consulting Association in Droitwich, West Midlands last
week.
"This is proof the ICO is far from being a toothless tiger among
regulators," says Paula Barrett, partner at international law firm
Eversheds.
Consulting Association owner Ian Kerr ran the database for 15
years. He charged construction firms a £3,000 annual subscription
fee, supplying
personal details about construction workers to employers which
wanted to vet staff before hiring them.
He faces prosecution for breaching the Data Protection Act,
which requires data controllers to register and be open about how
they process personal information.
Prominent construction firms Balfour Beatty, Sir Robert
McAlpine, Taylor Woodrow and Laing O'Rourke are listed among Kerr's
past and present subscribers.
David Smith, deputy information commissioner, says the ICO is
considering taking action against these firms for using the
database.
This case, one of the first major interventions by the ICO
against a private firm, should serve as a cautionary tale against
vetting employees in this way, says Barrett.
| Stick to the rules when vetting potential employees |
|---|
| Vetting should only be used to address specific justifiable
risks in an open way with the consent of those involved. |
| Organisations should select information providers with care. As
users of the information they too could be charged under the Data
Protection Act. |
| Ask questions about how agencies collect their data. If in
doubt, donot use it. |
| Make sure you have a contract that gives assurances that the
information collected complies with the Data Protection
Act. |
Useful links:
Information Commissioner's
Office
Data Protection
Act