#Open journalism No news is bad news

Your contributions will help us continue to deliver the stories that are important to you

Support The Journal
Dublin: 22°C Sunday 25 July 2021

Schools forced to remove CCTV systems by Data Protection Commissioner

The Data Protection Commissioner’s report for 2010 says investigation revealed inappropriate access to insurance data as well as two cases where school has to remove CCTV cameras.

Image: Mike_fleming via Creative Commons

A SECONDARY school in Co Kildare has been ordered to remove CCTV cameras from the school bathrooms by the Data Protection Commissioner after his office received complaints about the system, according to the commissioner’s report for 2010.

Commissioner Billy Hawkes said his office also received complaints over the introduction of CCTV cameras inside and outside a primary school in Co Mayo. The system was switched off on the intervention of the commissioner’s office.

Insurance data

The report includes details of prosecutions brought against Tesco for email marketing and against UPC (then known as Chorus NTL) for unsolicited marketing phone calls, but specifically outlines concerns over the level of access available to personal data contained on a system known as Insurance Link.

The system is a shared database containing the details of around 2.5m claims and is used by insurers to cross-reference and share information regarding insurance claims. However, an investigation by the Data Protection Commissioner found a major lack of transparency regarding the system and said “far too many individuals in insurance companies and other entities” had access to the database.

In the annual report, the commissioner lists some of the serious incidents of inappropriate access which the investigation identified, including:

  • a search for information on a noted celebrity who had not registered a claim
  • someone looking up information on their friends
  • searches for people involved in a car accident which was reported in the papers.

The commissioner said that Insurance Link’s switchover from paper to online searches without adequate oversight of access left it more vulnerable to inappropriate access.

He recommends that all of the system’s members initiate a programme to monitor access.

Although Hawkes’ office received 783 complaints last year, down from 914 in 2009 and 1031 in 2008, about three times more data security breaches were recorded last year than in 2009.

Read the Data Protection Commissioner’s 2010 report in full >

Read next: