Cashier used Barclays systems to profile sex attack victim

A 27 year-old bank cashier was fined pound;800 (A$1,226) yesterday for using her position at Barclays Bank to profile a customer who was the victim of a sex attack by the cashierrsquo;s husband.

The offences of Sarah Langridge, no longer an employee of the bank, were discovered during a hearing for her husbandrsquo;s sentencing when the victim recognised Langridge as a cashier at the bank office she used. The victim, according to the ICO, was concerned that her accounts had been accessed by the attackerrsquo;s wife and filed a complaint with police.

Landgridge#39;s husband, Simon, was sentenced to 18 months for the late night attack, outside the victim#39;s home two years ago, according to the Daily Mail.

The bank#39;s investigation found Langridge had accessed the victimrsquo;s accounts eight times during the eight month duration of her husbandrsquo;s trial. Langridge viewed the victimrsquo;s personal details, current account entries, lending records and her employer details, however during questioning claimed she had not shared the information with her husband or anyone else.

For her incursions on the victim#39;s privacy, Langrdige was also ordered to pay an additional pound;400 and pound;15 victimrsquo;s surcharge.

The UKrsquo;s Information Commissionrsquo;s Office planned to use the case at a Tuesday Justice Committee hearing to argue for prison terms be available to the courts in serious privacy breaches.

Currently, a Magistrates Court can only issue fines up to pound;5,000 while the Crown Court can issue unlimited fines under Section 55 of the UKrsquo;s Data Protection Act.

ldquo;It beggars belief that ndash; in an age where our personal information is being stored and accessed by more organisations than ever ndash; the penalties for seriously abusing the system still do not include the possibility of a prison sentence, even in the most serious cases,rdquo; said Information Commissioner Christopher Graham.

ldquo;I note the outcome of this latest case, and I remain concerned that the courts are not able to impose the punishment to fit the crime in all cases, because the current penalty for this all too common offence is limited to a fine rather than the full range of possible sentences, including prison for the most serious cases,rdquo; Graham said.

ldquo;Blaggingrdquo;, where a person gains unauthorised access to information from a system without necessarily hacking it, has become a serious problem in the UK, according to Graham, pointing to a dozen recent cases from the telecommunications sector, the nationrsquo;s postal system, the police and the health sector.

The commissioner said legislators failed to act on tougher legislation that Parliament put in place in 2008 over ldquo;unfoundedrdquo; concerns for the freedom of the press -- a challenge shared by Australian legislators seeking tougher privacy legislation, which came to a head again following News Corporationrsquo;s News of the World phone hacking scandal.

ldquo;Unfounded concerns about press freedom were a distraction in 2008 and they should never have halted the introduction of stronger sanctions. They should not delay any further the commencement of the powers needed to combat this modern scourge,rdquo; said Graham.


Copyright © 2011 IDG Communications, Inc.

What is security's role in digital transformation?