is simply viewing data unrelated to work a breach of data protection act?

8 comments

For example, if a person working in admin, with access to personal data, did a search on their database for people unrelated to their work, but did not disclose or use the data in any way. Could this be a criminal offence, and breach of data protection act, and if so what would be the likely outcome as regards the employer tracing the log on the employee’s work computer?

Comments:

Primarily, I think that it’s an invasion of privacy and sheer misuse of your trust in access to such data. And if there is no reason to access such data, why the hell are you doing it and asking us on here? Your act is offensive by nature, may not be criminal, but offensive nevertheless.

{ 8 comments }

Afeasf A

i don’t know about the data protection act…but they can get the employee for using company assets for their personal use.

D's Girl

I truly believe it is a breach of data because no one knows whether or not you have the intention of using that information or not. All they know is that you’ve viewed it.

Likely outcome will depend on the contract you signed with your employer when you were hired. You’ll need to review your copy because they may decide to “prsecute to the fullest extent of the law”. It will be up to their discretion.

sosgez

Its improper use of information, and an abuse of trust.

MICHAEL P

Primarily, I think that it’s an invasion of privacy and sheer misuse of your trust in access to such data. And if there is no reason to access such data, why the hell are you doing it and asking us on here? Your act is offensive by nature, may not be criminal, but offensive nevertheless.

MarkEverest

(UK) It is illegal to “hack”, whatever you do with the information you were not authorised to look at.

Merely performing the search would mean that the elements of the offence were complete, therefore the culprit would be liable to prosecution.

Ktn

Yes, it is an offence as the person is using a computer to intrude privacy.
The consequences would normally be minimal in the case that the person is not disclosing the information or using it for personal interests. He could be warned and ligthly fined for a first attempt depending on the policies for handling such situations of the organisation in which he is working.

manu

I don`t think it`s strictly speaking a criminal offence if the data hasn`t been disclosed in any way, it`s unlikely that anyone is going to find out, other than the employer.
Just one example; at my workplace, the computer automatically logs the name of the person who viewed the data. We have some famous customers and one of the most famous footballers in the country had had his info viewed unnecessarily many times (people just being nosey) each person got a warning for that, and if they had been caught doing that again, they would be dismissed.

Onestep downfrom God

MarkEve is wrong. As you explained it, there was no “hacking”, you merely accessed information on the system. You may not have been authorised to access that information, but if the system didn’t prevent you from accessing it, then a court would presume that you were entitled to access it.
You may be in breach of your terms of employment,but not the DPA.

Previous post:

Next post: