A motor industry employee has been sentenced to six months in prison for stealing accident information and the names, phone numbers and vehicle details of those involved. This is the first prosecution to be done by the Information Commissioner’s Office (ICO) under legislation which carries a potential prison sentence.
Mustafa Kasim worked for accident repair firm Nationwide Accident Repair Services (NARS) and he accessed thousands of customer records which contains their personal data without permission by using his co-worker’s login details to access a software which is used to estimate the cost of vehicle repairs.
The regulator became involved after NARS firm came to know that their clients were targeted by nuisance calls and brought the matter to the ICO’s attention.
Offences of these types are usually prosecuted under the Data Protection Act, which cannot lead to prison, but in this case, they have opted for the Computer Misuse Act, which gives courts greater latitude when it comes to sentencing.
According to a spokeswoman, this case reflected the fact the ICO wanted to use “the most appropriate and effective powers” open to it. It is likely that other such prosecutions might now follow.
This sentence seems to be surprising, though it is never easy to judge these things without knowing the full facts.