
The trial of Ian Kerr, the man behind the company accused of illegally compiling a database of over 3,000 construction workers, has begun. He is being charged under the Data Protection Act. Kerr, who ran The Consulting Association, yesterday pleaded guilty in his absence to failing to register the database under the Data Protection Act. The case is awaiting sentencing.
In March of this year, an investigation by the Information Commissioner’s Office (ICO) uncovered Kerr’s database containing details on 3,213 construction workers, which was used by over 40 construction companies to vet individuals for employment. The database was said to have included details of workers’ personal lives and their trade union histories and prompted fears that some on the database had been ‘blacklisted’ from some building sites. The files included comments such as “Communist party,” “ex-shop steward, definite problems, no go,” “do not touch,” “orchestrated strike action,” and “lazy and a trouble stirrer”.
The information was seized by the ICO during a raid in Droitwich, West Midlands. The ICO uncovered evidence at Kerr’s premises that named construction firms subscribed to Kerr’s system for a £3,000 annual fee. Companies could add information to the system and pay £2.20 for details held on individuals. Invoices to construction firms for up to £7,500 were seized during the raid.
Mick Gorrill, Assistant Information Commissioner for the ICO, said:
“Ian Kerr colluded with construction firms for many years flouting the Data Protection Act and ignoring thousands of people’s privacy rights. Holding personal information on individuals without their knowledge, in these circumstances, is a serious breach of the Data Protection Act. Trading people’s personal details in this way is unlawful and we are determined to stamp out this type of activity. Following Kerr’s guilty plea, we are pleased that the case has been referred to the Crown Court.”
Action is also being considered against the 40 or more companies that used the database.
Magistrates yesterday told Kerr’s counsel that the maximum fine of £5,000 for breaking data protection laws was “inadequate” in this case.
Related topics: