Think small - think inside the box - just think...

Read our latest insights below on the myriad of weekly global Privacy issues and

why it is so important to get your important matters and plans organised –

as we put in context the nature of LifeBank as the offline internet

Security……or the lack of it! Waiving a big stick at the loss of a small one!

Hard to believe but read on (from TravelMole) to see how a corporation, the size of Heathrow Airport, was so slack – and cavalier? – about matters relating to security.     It paid the penalty for its obvious negligence…..

Heathrow Airport has been fined £120,000 after a member of staff lost a memory stick containing ‘sensitive personal data’, which was later found by a member of the public.

Reports at the time of the loss last October claimed this included the Queen’s security and travel arrangements, although this has not been confirmed.

The Information Commissioner’s Office, which imposed the fine, said the USB stick, which contained more than 1,000 files, was not encrypted or password-protected.

The ICO said a small number of files on the stick contained ‘sensitive’ information, including a training video that revealed the names, dates of birth and passport numbers of 10 people.

The personal data of up to 50 Heathrow security personnel was also on the memory stick.

ICO director of investigations Steve Eckersley told the BBC: “Data protection should have been high on Heathrow’s agenda. But our investigation found a catalogue of shortcomings in corporate standards, training and vision that indicated otherwise.”

The ICO said that the memory stick had been passed on to an unnamed national newspaper. At the time it was found, the Mirror reported that it had been found in a West London street by a member of the public who viewed its contents at a local library and discovered information that included a timetable of patrols used to guard the airport, routes and safeguards for Cabinet ministers and foreign dignitaries, and the route used by the Queen when travelling to and from the airport, the exposure of which could have posed a threat to national security.

However, the ICO said the scope of its investigation was to look at personal data only. It said that only 2% of Heathrow’s 6,500 employees had been trained in data protection.

A Heathrow spokeswoman said: “Following this incident, the company took swift action and strengthened processes and policies.

 

Leave a Reply

Your email address will not be published. Required fields are marked *