One morning in February 2009, two investigators from the Information Commissioner's Office (ICO) knocked on the door of The Consulting Association, set discreetly off an alley in Droitwich, West Midlands.
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
A 30-year covert operation to build a database blacklisting union activists in the construction industry was about to come to an end.
- Construction blacklist comes to light
- On the blacklist
- Evidence of illegal data trading
- Kerr admits to crime
- New powers to aid future investigations
- Ian Kerr: guilty
The raid was the culmination of one of the ICO's most ambitious investigations. The data watchdog took unprecedented legal steps during its eight-month probe. It named more than 40 of the country's biggest construction companies as having potentially broken data laws. And the investigation led to questions in parliament and a promise by the government to outlaw blacklisting.
From 1919 onwards, the Economic League was the most prominent organisation involved in the blacklisting of so-called subversives. It was paid by companies, and worked closely with Special Branch, to compile databases of individuals. It was wound up in the early 1990s after pressure from the media and parliament exposed its flawed operations.
Many of its operatives went to ground and the files went with them. Ian Kerr, the 66-year-old who ran The Consulting Association, was one of them. Kerr had worked for the organisation spying on trade unions, according to a former director general of the Economic League. "He was a key guy. He was one of our most effective research people. His information was genuine and reliable," he said in a newspaper interview.
For years, rumours circulated in unions that the construction industry in particular still used blacklists. But how they operated was a mystery. Last summer, The Guardian talked to construction workers who said they had been blacklisted.
Blacklisted construction workers outside Macclesfield Magistrates
Court (from left to right: Tony Jones, Howard Nolan,
Steve Acheson, Graham Bowker, Sean Keaveney)
One was Steve Acheson, a 55-year-old electrician from Manchester who had barely worked in a decade. He had won an employment tribunal for wrongful dismissal. The tribunal, unusually, had accepted evidence that Acheson had been blacklisted.
The article landed on the desk of David Clancy, investigator for the Information Commissioner. On the door to the office he shares with his three fellow investigators, all with police, military or Customs and Excise background, there is a sign saying "Abandon hope all ye who enter here".
Clancy's first job was to establish if there was a case worth looking into. So he talked to Steve Acheson.
"The day he turned up, I had just received a letter turning me down for work," said Acheson. "I told him he could not have come at a better time. "I didn't think he would find much. I told him this, but he said, 'Once I get my teeth into something I don't let go.'"
Clancy tracked down Alan Wainwright, a former construction company manager, who gave key evidence in Acheson's tribunal. Wainwright had a huge amount of information to share. It was clear that there was a prima facie case that required investigating.
The ICO investigators believed that construction firm Haden Young had information they required. The ICO took the unprecedented step of making an unannounced raid on the firm's premises. This power, under Section 9 of the Data Protection Act, had not been used before in a case of this kind. The raid ultimately led the ICO to The Consulting Association and Kerr.
Construction firms paid a £3,000 annual fee to The Consulting Association and a further £2.20 for a single name search. More than 40 of the biggest names in the industry had, at one time or another, subscribed.
Yet for all the money flowing in, the investigators were confronted with a shabby two-room office. The furniture dated from the 1970s and 1980s, with an electric typewriter on one of the desks and a sophisticated photocopying machine.
Almost immediately, one of the investigators found a ring-binder in a rather tatty plastic cover. Inside it were names, addresses and national insurance numbers.
Then they found a card index. It very much resembled the way a police local intelligence filing system might work.
Card index database seized from Kerr’s office
It was organised alphabetically and each card related to a name in the folder. The cards contained newspaper clippings, employment history and personal comments. There were files on 3,213 construction workers. The companies named in the files were only identified by code numbers, details which Kerr later gave to the ICO. Also recovered were invoices from some of the firms which subscribed to The Consulting Association.
Clancy describes seizing the database as being "like Christmas".
"This had been going on for years," he says. "Steve Acheson and others had never been able to get to the bottom of it, but suddenly we had an answer. It was a nice feeling."
Kerr subsequently pleaded guilty before magistrates in Macclesfield to breaking data protection laws and is due before a crown court for sentencing. He faces an unlimited fine or imprisonment. Magistrates also ordered a full disclosure on the organisation and membership of The Consulting Association.
The ICO is now considering issuing information notices to some 20 construction companies to warn them to handle data correctly. More than 120 people have recovered their blacklist files via the ICO and unions are planning group legal actions against those responsible.
A page from Graham Bowker's file
There is a feeling of satisfaction at the ICO about how this particular investigation has panned out. It is easy to forget that it could have ground to a halt at several key stages. It may not even have started if the ICO employee had not seen the newspaper article. The hearing before the judge over the raid set a legal precedent but could have failed. The Haden Young raid could have blown the operation. A simple phone call could have alerted Kerr to the ICO's interest. As it turned out, if there was a call, Kerr did not stop.
Even on the day his premises were raided, the investigators only got in because the owner of adjoining property let them in through a communal door. "The stars must have been all aligned," says Clancy.
Proposals under the Coroners and Justice Bill could give the ICO new powers that will make investigations like this more commonplace.
For instance, it would enable the ICO to do spot checks on government departments to make sure their data handling processes are correct. The ICO argues that the same right should also be extended to the private sector.
Information notices could also be served on third parties during investigation. This would oblige it to provide information or face a contempt of court charge.
Clancy says such powers would have helped his investigation.
He admits that these are "quite serious powers", but says the effect that Kerr's blacklist had on more than 3,000 people over the past few decades shows the equally powerful impact data can have in the wrong hands