From the Information Commissioner’s Office on February 27:
A former senior local government officer has been prosecuted for passing the personal information of rival job applicants to his partner.
Kevin Bunsell was employed by Nuneaton and Bedworth District Council in Warwickshire as its Head of Building Control and had been trained in data protection law.
In July 2017, his partner applied for an administrative job at the council and Bunsell was not involved in the selection process because of his personal relationship. However, he accessed the authority’s recruitment system and emailed the personal information of the nine rival shortlisted candidates to both his own work email address and also his partner’s Hotmail account.
The recruitment packs he shared included the name, address, telephone number and CV of each candidate, along with contact details for each of their two referees. That was against the law.
The court was told that once the data breach had been discovered, Bunsell resigned and although his partner had initially been successful, her employment was also terminated because she had had been appointed on the basis of an invalid recruitment process.
Bunsell, aged 60, of Pembroke Close, Bedworth, admitted a charge of unlawfully sharing data in breach of s55 of the Data Protection Act 1998 when he appeared at Nuneaton Magistrates’ Court. He was fined £660 and was also ordered to pay £713.75 costs and a victim surcharge of £66.
Steve Eckersley, Director of Investigations at the Information Commissioner’s Office, which brought the prosecution, said:
“People who supply their personal information to an organisation in good faith, such as when applying for a job, have a legal right to expect it will be treated lawfully and ethically.
“Not respecting people’s legal right to privacy can have serious consequences, as this case demonstrates. Not only might you face a prosecution and fine, along with the attendant publicity, but you may also lose your job and severely damage your future career prospects.”