The results of an undercover report on the unregulated private detective industry by Dispatches was shown on Channel Four last night. The programme highlighted the ease and extent by which private investigators are able to obtain personal information about their targets.
The programme demonstrated private detective firms paying for highly sensitive personal information, some of which is only stored on government databases, including criminal records, national insurance numbers and medical histories.
The report revealed a number of different methods used by the investigators including obtaining data by pretending to be the target on the phone (known as "blagging") and using internal "contacts" at government agencies to provide the information for a fee.
The Data Protection Act 1998 ("DPA") states that it an offence to "obtain or disclose data without permission or procure the disclosure to another person" (section 55 DPA). However, there is an exemption under the DPA which permits the unlawful access to data where it is in the public interest or is for the prevention or detection of crime (section 29 DPA).
Although the investigation was aimed at sparking debate on the need for increased regulation of the private detective sector, it raises serious concerns about the existence of the black market for personal data and whether the DPA is robust enough to tackle the problem.
There are a number of steps we can all take to minimise the risks of data protection fraud, these include; using unusual passwords and security information instead of the usual (i.e. your mother's maiden name or the name of your pet dog), changing your passwords frequently and using different passwords for different accounts. Also, if you are contacted by a third party requesting information, before divulging any personal information, take steps to verify they are who they say they are (i.e. take their details and call them back) and be sure to complete all security checks.