Friday, March 16, 2007

Banks' Behaviour Unacceptable

The Information Commissioner has publicly accused banks, that have left customer details in the street, of an 'unacceptable' breach of the Data Protection Act.

It seems that the ever popular banks, who provide their customers with such "value for money", have been leaving customer account details in waste bins, skips and bin bags outside 11 branches across the country.

Needless to say this exposes the hapless customer to identity theft and fraud.

Deputy Information Commissioner David Smith said:

"It is unacceptable for banks and other organisations to carelessly discard their customers.

It is vital that banks and other organisations take security seriously. If they do not, they not only risk further action from the Information Commissioner but also risk losing the trust of their customers.

Individuals must feel confident that banks and other organisations are safeguarding their personal information
."

The 11 financial institutions that have been named and shamed are:

-Halifax-Bank of Scotland
-Barclays
-Alliance & Leicester
-Royal Bank of Scotland
-NatWest
-Nationwide Building Society
-Co-operative Bank
-HFC Bank
-Clydesdale Bank
-Scarborough Building Society
-United National Bank

Also on the list were the Post Office and the Immigration Advisory Service.

The information publicly discarded by the banks included; names, addresses and bank account numbers.

Nigel Evans MP, chairman of the All Party Parliamentary Group on Identity Fraud, demanded heavy fines for the organisations involved.

Quote:

"It is absolutely unforgivable that these financial institutions have acted so irresponsibly.

They seem to have ignored warnings about the need to keep customer details secure. Quite frankly, I am amazed that this is still going on. It is well known that criminals actively target bins in search of this sort of detail. This behaviour shows a cavalier disregard towards the protection of customers
."

The Information Commissioner's Office has asked the banks and other organisations to sign a formal undertaking to abide by the Data Protection Act in future. If they fail to do so, they would face action leading to prosecution and fines.

The British Bankers' Association said:

"Banks take their responsibilities for protecting customers' personal information very seriously and each bank has secure arrangements for disposing of confidential customer information.

The banks concerned have fully investigated the circumstances and taken appropriate steps to ensure that any weak links in their security practices have been addressed
."

The statement by the Bankers' Association is of course contradictory, what is the point of having secure arrangements if they are not followed?

Pretty pathetic really, it hardly leads one to conclude that the high fees that banks charge for their "services" are justified.

No comments:

Post a Comment