Watchdog cautions on data scam firm

The Data Protection Commissioner has warned of a British-based company offering services to Irish firms wishing to register under…

The Data Protection Commissioner has warned of a British-based company offering services to Irish firms wishing to register under the Data Protection Act.

Mr Joe Meade said a firm called Data Protection Act Registration Service was mailing Irish companies and urging them to visit its "bogus website and to register under the Data Protection Act".

Under the Act, Irish firms storing personal information on staff and customers on computer must register with the commissioner. The registry is then made public and members of the public can see what information is held by what companies.

A statement from Mr Meade's office said the "bogus website, which is similar to the Commissioner's official website address, provides inaccurate and unreliable information regarding registration requirements under the Data Protection Act".

READ MORE

The statement added that, even if a targeted firm had to register, availing of the service from the British group would mean paying exorbitant fees, far higher than the official fee.

Assistant commissioner Mr Ronnie Downes said the registration fee charged by his office was €25 but the British-based firm was charging €120. Mr Meade wants to make it clear that the British company has "no connection whatsoever with my office or indeed with any official body".

"The information provided by this company about 'registration' or 'notification' is inaccurate and misleading."

He added that any company with queries about registration should contact his office.

The Institute of Chartered Accountants in Ireland (ICAI) said it had been contacted by several of its members who had been approached by the British company.

ICAI chief executive Mr Brian Walsh said his organisation immediately alerted the commissioner, who warned them about the British company.

The office of the Data Protection Commissioner was established under the 1988 Data Protection Act.

The Act sets out the general principle that individuals should be in a position to control how computer data relating to them is used.

The commissioner maintains a register, available for public inspection, giving general details about the data-handling practices of data controllers in Government departments and State-sector bodies, financial institutions, and any person or organisation who keeps sensitive personal data.

Conor Lally

Conor Lally

Conor Lally is Security and Crime Editor of The Irish Times