Reply to post: A Curious Anomaly?

TalkTalk attack: 'No legal obligation to encrypt customer bank details', says chief

Commswonk Silver badge

A Curious Anomaly?

While IANAL there could be a curious anomaly in the way the DPA is written. As someone mentioned much earlier in this thread:

Appropriate technical and organisational measures shall be taken against unauthorised or unlawful processing of personal data and against accidental loss or destruction of, or damage to, personal data.; this is the "seventh principle" of data protection.

Does "loss" have some special meaning? In normal usage if I lose something it is no longer in my possession, but in this case TT (it must be assumed) still have the data, it's just that someone has downloaded an unauthorised copy of it. Has it, therefore, been "lost"? Has "unauthorised or unlawful processing" occurred within TT or has any such processing been carried out by whoever obtained an unauthorised copy? The really odd thing (IMHO) is that the word "theft" does not appear anywhere in the act.

If recent events do finish up in court then I fully expect some fancy footwork on the part of TT's legal team trying to demolish any suggestion that TT actually did anything wrong, and that might be fun to listen to; I just hope that any such argument is thrown out.

Might be worth stocking up the pop corn and fizzy drinks... the low sugar variety of course.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2021