Watchdog slams council's poor response to data breaches

Information Commissioner's Office raps New Forest District Council after series of slip-ups

Neighbourhood watch: A local resident alerted the ICO to the council's misdemeanor

New Forest District Council has been slammed by the Information Commissioner’s Office (ICO) for repeatedly publishing personal data belonging to planning applicants on its website.

The data watchdog was first alerted to the issue in 2008 by a local resident concerned by the council’s failure to remove personal details from a planning application they submitted before it was published online.

After the ICO stepped in, the council removed the offending data, but was tripped up later down the line by the same resident who found data belonging to other planning applicants on the site.

This prompted the council to overhaul its data removal process and introduce a more stringent self-monitoring process.

However, back in July, the ICO discovered that personal data was still being published by the council on its website and ordered it to take more action.

The council’s chief executive, David Yates, has provided the ICO with a personal commitment to enforce measures to guard against any future breaches taking place.

Sally-Anne Poole, enforcement group manager at the ICO, said: “We appreciate it is difficult for any organisation to give a 100 per cent guarantee that they will comply with the Data Protection Act, [but] we expect authorities to put the most effective data protection measures in place and to ensure they are upheld. "