Amicus Legal Limited is the latest in a long line of organisations being caught out by wandering laptops or USB keys: see the Information Commissioner’s Enforcement Page.
It’s another case of a laptop theft – this time a consultant’s laptop from a hotel room. As often is the situation, the laptop was unencrypted and belonged to a third party data processor. However, it’s the “owner” of the lost data, the data controller, that gets it in the neck.
These 7th Data Protection Principle breaches are getting so common, you’d think there would not be an unencrypted business-user’s laptop left in the European Union. The Information Commissioner’s patience has got to be wearing thin. They’ll be heavy fines in this area, once those sections 55A – 55E of the Data Protection Act 1998 are brought into effect!