T-Mobile admits employee sold private data

LONDON (Reuters) - A employee of mobile phone operator T-Mobile is facing prosecution after selling personal details of thousands of British customers to rival companies in an alleged major breach of data protection laws.

A woman uses her mobile telephone as she passes a Nokia advert in London July 20, 2009. REUTERS/Luke MacGregor

In a statement, T-Mobile UK, part of Deutsche Telekom AG , said it had contacted the Information Commissioner’s Office (ICO) after discovering an employee was passing on the information and it believed the investigation would result in a prosecution.

“While it is deeply regrettable that customer information has been misappropriated in this way, we have proactively supported the ICO to help stamp out what is a problem for the whole industry,” T-Mobile said on Tuesday.

Information Commissioner Christopher Graham said the data was sold for “substantial amounts of money” to brokers working for other mobile phone companies.

The privacy watchdog said it planned to prosecute and would push for jail terms for anyone convicted.

The watchdog said staff sold details relating to customers’ phone contracts, including their names and addresses and contract expiry dates.

Rival companies bought the information and used it to make cold calls to the customers offering them a new contract with a new network, the Information Commissioner’s Office said.

Related Coverage

“Many people will have wondered why and how they are being contacted by someone they do not know just before their existing phone contract is about to expire,” Graham said in a statement.

“We are considering the evidence with a view to prosecuting those responsible and I am keen to go much further and close down the entire unlawful industry in personal data.”

The watchdog has searched several premises after obtaining warrants and is preparing a prosecution file.

Many thousands of customers’ account details were illegally obtained, the company told the watchdog. Graham said the practice was highly profitable, but illegal under Section 55 of the Data Protection Act.

“The existing paltry fines for Section 55 offences are simply not enough to deter people from engaging in this lucrative criminal activity,” he said. “The threat of jail, not fines, will prove a stronger deterrent.”

Editing by John Stonestreet and David Holmes