DSG Retail Limited has been found in breach of the Data Protection Act after discovery of customers’ credit agreements in a skip at one of its PC World Stores.
DSG’s Chief Executive, John Browett, has given a formal undertaking to the Information Commissioner’s Office agreeing to change DSG’s procedures to ensure that this doesn’t happen again.
Whilst the breach of the Data Protection Act has caused bad press, DSG Group can consider itself lucky that the personal information contained in the credit agreements were not used by criminals – if they had been, DSG would have been on the wrong side of a £500,000 fine from the Information Commissioner as well as likely damages claims from the individuals concerned.
The case highlights the need for all organisations to comply with the Data Protection Act and, in particular, the ‘seventh data protection principle’ which requires that organisations have appropriate measures in place to guard against accidental loss of, destruction of or theft of personal information.