Home Knowledge Private Investigator Company and its Directors Prosecuted for Data Protection Breaches

Private Investigator Company and its Directors Prosecuted for Data Protection Breaches

November 7, 2014
Partner
Leo Moore

MCK Rentals Ltd, a firm of private investigators, has been prosecuted for breaches of Irish data protection legislation. In addition, for the first time under Irish data protection law, the company directors were also successfully prosecuted.

The case involved an investigation into private investigators undertaken by the Data Protection Commissioner (DPC). The investigation focused on the practices of private investigators to try to identify the new addresses of credit union customers who were in arrears. Certain information was disclosed to the investigators by the credit unions (e.g. PPS numbers and home addresses) and this was then used to obtain further information from other sources (including the Health Service Executive and the Department of Social Protection) through means of misrepresentations and “blagging” techniques.

This decision is significant for many reasons:

  • It is the first time that a firm of private investigators has been prosecuted for the offences of obtaining access to personal data without the prior authority of the data controller and disclosing that data to another person.
  • It is the first time that company directors have been prosecuted where an offence by a company is proved to have been committed with the consent or connivance of the director.
  • It is the first time that the practice of “blagging” has been prosecuted.

Bray District Court found MCK Rentals Ltd guilty of five charges and imposed a fine of €7,500 while two directors were found personally criminally liable of one charge each with a fine of €1,500 each being imposed

The implications of this case are wide-ranging and serve to remind those that process personal data to do so in accordance with data protection law or potentially face criminal liability.

It also sends out a strong warning to company directors and other officers engaged in data processing that they can be exposed for the role they might play in a company’s commission of a data protection offence.

Ongoing compliance with applicable data protection legislation is of utmost importance and all companies should continually review their data protection policies and procedures to mitigate the risk of breaches of data protection law.

Contributed by Leo Moore.

Back to Legal News

Recommended Insights

See all
Article and Insights
1
Feb 2024
Responsible Business Annual Report 2023
William Fry is pleased to launch its Responsible Business Annual Report 2023.
Article and Insights
2
Feb 2024
Digital Operational Resilience Act – second batch of technical standards launched for consultation
We focus on the second batch of draft implementation measures announced by the Eur...
WF_author_blank
Partner
John O’Connor
Article and Insights
2
Feb 2024
John Delaney Documents – Supreme Court Refuses Leave to Appeal
The Supreme Court has refused leave to appeal from a decision rejecting John Delan...
WF_author_blank
Partner
Deirdre O’Donovan
Article and Insights
24
Jan 2024
Cross-Examining Affidavit Evidence in Insolvency Cases
The High Court recently dismissed a petition seeking the winding up of a biofuel c...
WF_author_blank
Partner
Fergus Doorly
prev
next
See all