Monday, October 24, 2005

Your personal information is for sale - private eye steals information to track down victim of domestic abuse

Via The Register
A private detective was fined this week for unlawfully obtaining information relating to 'vulnerable women' from medical centres. Ray Pearson, a director of North London-based Pearmac Ltd, was prosecuted by the Information Commissioner’s Office.

Pearson also persuaded an employee from Her Majesty’s Revenue and Customs (HMRC) to hand over his Employee Identity Number, and then misrepresented himself in order to find out about a customer of HMRC.

The Office of the Information Commissioner adds details on further offences also committed by Pearson.

Appalling as this report is, the full story behind it is worse. Two of the cases involved will show why.

One of the people whose information was stolen, Ms. X, was a victim of domestic abuse. She had left her husband, taking her daughter with her, to start a new life. The husband hired a private eye to track her down. He, in turn, subcontracted the work to Pearson. Pearson decided to track Ms. X via her father. Knowing that her father was a patient of a particular medical centre, Pearson rang the centre pretending to be from the local health authority and stating that he needed to contact the father in relation to a prescription. The medical centre gave him the father's telephone number, taking him one step closer to tracking down Ms. X on behalf of her abusive husband.

Another victim, Ms. Y, had recently been a prosecution witness in a criminal case. She discovered that her friends and associates were receiving suspicious telephone calls. Her utility company also received suspicious calls, as a result of which some of her personal information was revealed. British Telecom was also called in an attempt to obtain personal information. Most seriously, her GP was contacted by a person pretending to be a psychiatrist, seeking access to her medical file. Inquiries by the Office of the Information Commissioner revealed that these phone calls all came from Pearson's premises.

Why do these cases matter? When we express concern about issues such as data retention the official response is often that "the innocent have nothing to fear". These cases prove the contrary - you do not have to have done anything wrong to have your personal information stolen by unscrupulous criminals. The more information stored on you, the easier it will be for these abuses to take place, and the more risk you may be put in as a result.

(The information on the two cases above was supplied by the Office of the Information Commissioner and is redacted to protect the identities of the victims.)