Information Commissioner's Office
Former social services council employee fined for unlawfully accessing sensitive personal data
A former family intervention officer at St Helens Borough Council has been sentenced for unlawfully accessing social services records.
Rachel Anderton was prosecuted for viewing records on the council’s case management system between 17 January 2019 and 17 October 2019 without having a business need to do so.
An internal council audit found the defendant unlawfully looked at the records of 145 people whilst employed in the social services department. Anderton resigned from the council before disciplinary proceedings commenced.
Anderton, of Haydock, Merseyside appeared before Wigan and Leigh Magistrates Court on 11 September 2023 and pleaded guilty to one offence of unlawfully obtaining personal data, in breach of s170(1) of the Data Protection Act 2018. Anderton was fined £92.00, ordered to pay court costs of £385.00 and a victim surcharge of £32.00.
“People have the absolute right to expect that their sensitive personal information will be treated with the utmost privacy and in accordance with data protection laws. For some reason, this individual chose to flout those laws and spend time snooping at people’s sensitive personal information.
“Not respecting people’s legal right to privacy can have serious consequences, as this case shows. It results in a criminal conviction, which may lead to loss of employment and severe damage to future career prospects, alongside the accompanying financial penalties.
“Our successful prosecution of this individual sends a clear message - that we will take action against people who take it upon themselves to abuse their position of trust.”
- Andy Curry, Head of Investigations at the Information Commissioner’s Office
Notes for editors
- The Information Commissioner’s Office (ICO) is the UK’s independent regulator for data protection and information rights law, upholding information rights in the public interest, promoting openness by public bodies and data privacy for individuals.
- The ICO has specific responsibilities set out in the Data Protection Act 2018 (DPA2018), the United Kingdom General Data Protection Regulation (UK GDPR), the Freedom of Information Act 2000 (FOIA), Environmental Information Regulations 2004 (EIR), Privacy and Electronic Communications Regulations 2003 (PECR) and a further five acts and regulations.
- The ICO can take action to address and change the behaviour of organisations and individuals that collect, use, and keep personal information. This includes criminal prosecution, non-criminal enforcement and audit.
- To report a concern to the ICO telephone call our helpline on 0303 123 1113, or go to ico.org.uk/concerns.
Latest News from
Information Commissioner's Office
Share information to protect children and young people at risk, urges UK Information Commissioner15/09/2023 10:15:00
Organisations will not get in trouble if they share information to protect children and young people at risk of serious harm, the UK Information Commissioner’s Office (ICO) has promised.
UK Information Commissioner and NCSC CEO sign Memorandum of Understanding13/09/2023 13:10:00
The UK Information Commissioner, John Edwards, and the Chief Executive of the National Cyber Security Centre (NCSC), Lindy Cameron, yesterday signed a joint Memorandum of Understanding (MoU) that sets out how both organisations will cooperate.
ICO to review period and fertility tracking apps as poll shows more than half of women are concerned over data security07/09/2023 16:20:00
The Information Commissioner’s Office (ICO) is reviewing period and fertility apps as new figures show more than half of women have concerns over data security
ICO publishes new guidance on sending bulk communications by email31/08/2023 16:20:00
The Information Commissioner’s Office (ICO) yesterday issued a warning to organisations to use alternatives to the blind carbon copy (BCC) email function when sending emails containing sensitive personal information, following a catalogue of business blunders.
Joint statement on data scraping and data protection25/08/2023 09:10:00
The Information Commissioner’s Office and eleven other data protection and privacy authorities from around the world have today published a joint statement calling for the protection of people’s personal data from unlawful data scraping taking place on social media sites.
One in three young people falling prey to ‘text pests‘ as ICO calls for victims to come forward22/08/2023 14:10:00
The Information Commissioner’s Office (ICO) has today launched a call for victims of so-called ‘text pests’ to come forward to help the regulator gather evidence of the impact of this illegal behaviour.
ICO consultation on the draft biometric data guidance18/08/2023 12:25:00
The Information Commissioner’s Office (ICO) is producing guidance on biometric data and biometric technologies.
ICO response to a data breach at Norfolk and Suffolk Constabularies15/08/2023 14:10:00
Norfolk and Suffolk Constabularies have announced a data breach relating to responses for Freedom of Information (FOI) requests for crime statistics, issued between April 2021 and March 2022.
“We are continuing to deliver for the public” – ICO publishes practice recommendations and enforcement notices on FOI10/08/2023 16:10:00
The ICO has today published action on five public bodies – Liverpool City Council, London Borough of Tower Hamlets, the Medicines & Healthcare Products Regulatory Agency, the Ministry of Defence and the Environment Agency - for failures to meet expected standards in responding to Freedom of Information Act requests.