Timing is everything in data, as in politics

T-Mobile must be the most embarrassed data controller in the UK right now – and the most surprised. The mobile phone company has suggested that employees allegedly sold on contract renewal data for its own customers which were then bought and used for outbound calling. It had voluntarily notified the Information Commissioner’s Office of the data security breach, which is where the surprise comes in.

Usually, the ICO “names and shames” when a prosecution is brought and has resulted in a fine. In this case, it went public before the supposed data thieves have even been brought into court, even though T-Mobile understood that it was working in tandem with the watchdog to resolve the issue.

The scale and impact of the alleged theft may justify this early announcement. It appears that staff were taking data on customer contracts with their expiry dates and selling it to brokers who in turn may have sold it on to T-Mobile’s competitors. Thousands of contract customer records are involved which, with a market value of at least £1 each, will have netted the thieves and their agents a lot of money.

What is clear is that Christopher Graham intends to be active in his role as enforcer of data protection legislation and is moving early to make an impact. He is determined to use the new powers to fine which his office gains from April next year.

Which is where the timing of the T-Mobile theft gets interesting because the ICO does not feel that fines are a sufficient deterrent – he is arguing for the law to be further changed to allow custodial sentences for breaches of the Data Protection Act. He recently made a submission making the case to the Ministry of Justice, which is in the middle of a consultation process over changes to the DPA.

What better to get the attention of legislator’s than a high-profile data theft, involving a household name brand and which directly impacts on ordinary consumers through unwelcome sales calls? Far easier for MPs and public servants to understand than the more abstract issues of compliance and data governance.

The theft from T-Mobile is to be decried and pursued with the full force of law, of course. If proven, it shows that staff are all too willing to cash in by stealing data and that stronger deterrents are needed. What is less certain are the ICO’s motives in going public when the victim of the theft was still presuming the right to privacy.

David Reed, Editor, Data Strategy

Latest from Marketing Week


Access Marketing Week’s wealth of insight, analysis and opinion that will help you do your job better.

Register and receive the best content from the only UK title 100% dedicated to serving marketers' needs.

We’ll ask you just a few questions about what you do and where you work. The more we know about our visitors, the better and more relevant content we can provide for them. And, yes, knowing our audience better helps us find commercial partners too. Don't worry, we won't share your information with other parties, unless you give us permission to do so.

Register now


Our award winning editorial team (PPA Digital Brand of the Year) ask the big questions about the biggest issues on everything from strategy through to execution to help you navigate the fast moving modern marketing landscape.


From the opportunities and challenges of emerging technology to the need for greater effectiveness, from the challenge of measurement to building a marketing team fit for the future, we are your guide.


Information, inspiration and advice from the marketing world and beyond that will help you develop as a marketer and as a leader.

Having problems?

Contact us on +44 (0)20 7292 3703 or email customerservices@marketingweek.com

If you are looking for our Jobs site, please click here