The ICO has quietly announced that a London barrister, Richard Dominic Preston, signed an undertaking following the theft of a laptop computer from Mr Preston’s home. The laptop contained documents relating to cases on which Mr Preston had been instructed, together with email correspondence.
According to the undertaking, much of the data in the documents on the stolen laptop would be in the public domain as a result of being produced or read out in open court; however, the email correspondence was not publicly available.
At the time of the incident, the laptop was unencrypted as Mr. Preston claims he was then unaware that personal laptops could be encrypted. The thieves broke in through an upstairs window, despite the security locks in place, and stole the laptop together with other valuables.
This is not the first undertaking the ICO has issued for a barrister (see, for example, this blog entry and this one) and I continue to wonder at the apparent selectivity or bias as to what kinds of entities the ICO pursues. Going after individual barristers for breaches when there are likely massive data breaches in the private sector does not strike me as a particularly productive use of the ICO’s resources. How about sending a stronger message to businesses?