Carphone Warehouse warned on data protection

Accused of breaching the Data Protection Act by the Information Commissioner's Office, the mobile phone company and its broadband service TalkTalk blame free broadband offer for the trouble.

Carphone Warehouse and TalkTalk could face prosecution if they do not improve their data protection, after the companies were accused of mishandling customers' personal data.

The Information Commissioner's Office (ICO) said the mobile phone firm and its broadband company breached the Data Protection Act when they opened customer accounts in the wrong name and sent incorrect information to credit reference agencies and debt collectors.

The ICO said security issues displayed account details online, and that the two companies had not responded to requests by individuals for the information held on them - a key tenet of the act.

Mick Gorrill, assistant commissioner at the ICO, said: "The Data Protection Act gives us all important rights, including the right to correct inaccurate information and to find out what information an organisation holds on us. Organisations that process personal information must comply with the act and, where we find that this is not the case, the ICO will take enforcement action."

He added: "Carphone Warehouse and TalkTalk's use of inaccurate and incorrect personal data has caused real damage and distress to customers. We have now ordered them to take the necessary steps to ensure customers' personal information is sufficiently protected."

The firms were sent enforcement notices, ordering them to improve their data protection management. Not complying with such notices is a criminal offence - and the ICO stressed it may take further action against the two firms if it isn't satisfied with their response.

A spokesperson for Carphone Warehouse said: "We are aware that a very small number of our customers raised concerns with the ICO some time ago. The issues were primarily caused by the significant interest in TalkTalk's introduction of free broadband, over 18 months ago."

"We take these matters very seriously indeed, and as soon as these concerns were brought to our attention we took immediate steps to resolve them and to ensure we are fully compliant with the Data Protection Act," the spokesperson said. "We apologise for any inconvenience that may have been caused and we will continue to work with the ICO in meeting and exceeding their expectations in this and any other respect."

Featured Resources

Defeating ransomware with unified security from WatchGuard

How SMBs can defend against the onslaught of ransomware attacks

Free download

The IT expert’s guide to AI and content management

How artificial intelligence and machine learning could be critical to your business

Free download

The path to CX excellence

Four stages to thrive in the experience economy

Free download

Becoming an experience-based business

Your blueprint for a strong digital foundation

Free download

Most Popular

What are the pros and cons of AI?
machine learning

What are the pros and cons of AI?

8 Sep 2021
Apple patches zero-day flaw abused by infamous NSO exploit
exploits

Apple patches zero-day flaw abused by infamous NSO exploit

14 Sep 2021
Hackers develop Linux port of Cobalt Strike for new attacks
Security

Hackers develop Linux port of Cobalt Strike for new attacks

14 Sep 2021