ICO fines Islington Council £70,000 after website endangers 89,000 people’s data
Parking ticket review service permitted unauthorised access to citizen data, investigation finds
The Ticket Viewer site allows people who have received a parking ticket to examine footage of their alleged offence Credit: PA
Islington Council has been fined £70,000 after the Information Commissioner’s Office found that the north London borough’s parking-ticket website failed to adequately secure the personal information of 89,000 citizens.
The council’s Ticket Viewer service allows people who have received parking tickets in the borough to look at images or video pertaining to their alleged offence. In October 2015, a site user discovered that “manipulating the URL” gave them unauthorised access to folders containing personal information, the ICO said.
The oversights that allowed such material – including, in some cases, medical details – to be compromised put the data of 89,000 people at risk. Before the fault was corrected, the council discovered that 119 documents related to 71 people had been accessed without authorisation a cumulative total of 235 times from 36 unique IP addresses.
An ICO investigation concluded that the Ticket Viewer system ought to have been tested before it went live, and frequently thereafter. The borough’s failure to do so, and the resultant threat to the security of personal information, represented a breach of the Data Protection Act, the ICO said.
“People have a right to expect their personal information is looked after. Islington Council broke the law when it failed to do that,” said Sally Poole, ICO enforcement manager. “Local authorities handle lots of personal information, much of which is sensitive. If that information isn’t kept secure, it can have distressing consequences for all those involved. It’s therefore vital that all council staff take data-protection seriously.”
Supplier sought to kick off project by engaging with the big four mobile network operators
Commissioner Tony Porter tells PublicTechnology about continued efforts to get the Home Office to recognise the need for a surveillance camera code of practice that applies to NHS and...
Policing minister pledges that Home Office will help forces invest in technology initiatives that enable officers to spend more time on the front line
Organisation building centralised team to help Whitehall manage the digital implications of leaving the EU while maintaining longer-term transformation goals