The Information Commissioner’s Office (ICO) announced its decision to fine a baby club £140,000 for illegally sharing individuals’ personal data with the Labour Party.
The United Kingdom’s data watchdog said it intends to impose the penalty as a result of Lifecycle Marketing (Mother and Baby) Ltd (“LCMB”) failing to fulfill its responsibilities as a data controller, as defined by the Data Protection Act 1998. Specifically, the ICO expressed that LCMB didn’t comply with the Act’s first data protection principle requiring data controllers to obtain data subjects’ consent for the fair processing of their personal information.
In its Notice of Intent, the ICO explained that LCMB, a firm which specializes in engaging new and expectant mothers under the umbrella of Emma’s Diary, provided 1,065,220 data records to Experian Marketing Services in May 2017. The agreement stated that Experian Marketing Services would provide the records consisting of names, addresses, dates of birth and other information to the Labour Party. The purpose of the agreement was to assist the Labour Party with a direct marketing mail campaign for a general election in 2017.
A spokeswoman for the baby club said the ICO’s Notice of (Read more...)
*** This is a Security Bloggers Network syndicated blog from The State of Security authored by David Bisson. Read the original post at: https://www.tripwire.com/state-of-security/latest-security-news/ico-to-fine-baby-club-140k-for-illegally-sharing-data-with-labour-party/