Home / News & Resources / News & Updates / Is your local council doing enough to protect your data?

Is your local council doing enough to protect your data?

  • Posted on

Wokingham Council has suffered its fifth data breach in a year. This demonstrates why more and more residents are looking to sue for breach of data protection.

The latest data breach happened when a woman had her benefit payment details leaked to another resident. Just a month earlier, the council had to apologise after a sex abuse victim had her data shared with her attacker. This happened not once but twice and could have caused significant upset and harm for the victim.

Worryingly, when talking about the failures, the council's customer service team said that "it happens".

A spokesperson for the council has since apologised for the data breaches. And the local authority is implementing measures to safeguard sensitive information.

But, people have the right to expect that councils across the UK have already established robust privacy processes. Why do people have to sue for breach of data protection before councils give this issue the attention it so obviously needs?

Local authority data breaches

The truth is, at Hayes Connor know that councils are neglecting people's privacy all the time.

For example:

Local governments must do better if they don't want people to sue for breach of data protection

Despite the threat of crime, all too often it is human error that is to blame for council data breaches. And, while in many cases local councils argue that the violations are "low risk", we believe that playing down the risk is the wrong approach to take.

Instead, councils must understand the harm caused when they don't look after our data correctly. The impact of such negligence can't be underestimated.

Just having access to an individual's name and address can result in financial fraud and/or identity fraud. With enough information, cybercriminals can apply for credit in your name, set up fraudulent bank accounts and access your existing accounts. Even if you haven't lost out financially after a data breach, this doesn't mean that there is no harm done. A data breach can also lead to distress and psychological trauma.

What's more, even if nothing has been done with that information as yet, it doesn't mean the data is safe. Working exclusively on data breach and cybercrime cases, it has become clear to our solicitors that the impact and losses people sustain following a data privacy violation are not always immediately apparent. We see instances where the effects only became clear months later.

What can you do to stop a breach of data protection from happening to you?

If you are concerned that your data might be at risk by a local authority, you can ask for a copy of the data the council holds about you. This is called a subject access request (SAR).

This won't guarantee that an error doesn't result in your information being exposed, but it is a reasonable safety precaution to take. You can also ask the council for a copy of their acceptable use policy and data protection policy.

Not just hackers

Our local governments were hit by almost 100 million cyber-attacks over five years. And one in four council systems were successfully breached. But, while the threat of cybercrime is something that the public sector needs to take seriously, it must also do more to address the issue of human error.

Waiting until a data breach happens is simply not good enough.

For advice on how to keep your data safe, follow our #NotJustHackers campaign on Twitter and Facebook.

Alternatively, if you have been the victim of a data breach or cyber fraud and you want to sue for breach of data protection, contact us. We will answer any questions you might have and discuss your case in more depth.