Christopher Walter, Helena Milner-Smith, Louise Freeman, Dan Cooper, Mark Young, and Mark Welch of Covington and Burling write, in part:
Unauthorized Access to Personal Data was an Offence under the Computer Misuse Act
The ICO recently published details of its prosecution of a motor industry employee who, during her employment, compiled and transferred road traffic accident data without the authorization of her employer. The employee sold the personal data to an accident claims management firm which used it to make nuisance calls.
The employee was found to have committed offences under the Computer Misuse Act 1990, section 1 of which refers to causing a computer to perform a function with intent to secure access to any program or data held on that computer.
The employee has been sentenced to eight months of imprisonment, suspended for two years, and must also carry out 100 hours of unpaid work, contribute £1,000 in costs and repay a benefit figure of £25,000.
Read more on InsidePrivacy.