0370 270 6000

already registered?

Please sign in with your existing account details.

need to register?

Register to access exclusive content, sign up to receive our updates and personalise your experience on brownejacobson.com.

Privacy statement - Terms and conditions

data protection seventh principle - skip it at your peril

25 August 2010

DSG Retail Limited has been found in breach of the Data Protection Act after discovery of customers’ credit agreements in a skip at one of its PC World Stores.

DSG’s Chief Executive, John Browett, has given a formal undertaking to the Information Commissioner’s Office agreeing to change DSG’s procedures to ensure that this doesn’t happen again.

Whilst the breach of the Data Protection Act has caused bad press, DSG Group can consider itself  lucky that the personal information contained in the credit agreements were not used by criminals – if they had been, DSG would have been on the wrong side of a £500,000 fine from the Information Commissioner as well as likely damages claims from the individuals concerned.

The case highlights the need for all organisations to comply with the Data Protection Act and, in particular, the ‘seventh data protection principle’ which requires that organisations have appropriate measures in place to guard against accidental loss of, destruction of or theft of personal information.

related opinions

Marriott International: a look behind the ICO’s £99m fine and what this means for corporate acquisitions

Last month, the Information Commissioner’s Office (ICO) announced notice of its intention to fine (NOI) Marriott International, Inc. £99m for infringements of the GDPR.

View blog

Cyber risks – are businesses really ready?

The Hiscox Cyber Readiness report, a review of 3300 organisations, will be a stark warning for CEO’s of SME’s in the UK and in Europe.

View blog

Landlord and tenant inspections - getting the evidence right

In Rogerson v Bolsover District Council (2019) the Court of Appeal found against a local authority landlord pursuant to the Defective Premises Act 1972 following a finding of an inadequate inspection regime.

View blog

As Japan becomes 'adequate' for data protection laws...will the UK soon become 'inadequate'?

On 23 January 2019, the European Commission and the Personal Information Commission of Japan, concluded a two-year-long dialogue and the adoption of the decisions recognising each other’s personal data protection systems as ‘equivalent’.

View blog

mailing list sign up



Select which mailings you would like to receive from us.

Sign up