Details of 12,000 buy to let owners removed from website pending investigation
The details of 12,000 buy to let landlords – posted online by a council following a Freedom of Information request – appear to have been removed pending an investigation.
As of yesterday evening the details, which had been placed on the WhatDoTheyKnow.com website, had been removed.
First highlighted via Property Tribes last Friday, the authority had released the details following a FOI request from someone called Steven Barron, whose approach to the council is also set out on the WhatDoTheyKnow site. His letter reads: “Dear Reigate and Banstead Borough Council, I’m looking to get information on landlords with properties in Reigate & Banstead, we are looking to buy properties from sellers in this location. I require name/address and contact number of these landlords. Yours faithfully, Steven Barron.”
The website initially posted the details – all 12,000 of them – but they have now been removed and replaced with the wording: “This message has been hidden. Potential accidental bulk release of personal information – removed from public view while we consider and investigate. Please contact us if you have any questions.”
A statement was then posted on the Residential Landlords’ Association’s website saying that as soon as it knew of the release of the details “we acted immediately to ensure this breach of personal details was investigated and removed.”
The RLA statement continues: “We raised our serious concerns over the data breach and which in our belief was a breach of the Data Protection Act. Because of our actions the council have subsequently removed the data from the public domain.”
This incident not only highlights the amount of data councils collect on landlords but also the worrying way they handle it.
This is a definite breach of the Data Protection Act, the 8 principles clearly state:
1. Personal information must be fairly and lawfully processed.
2. Personal information must be processed for limited purposes.
3. Personal information must be adequate, relevant and not excessive.
4. Personal information must be accurate and up to date.
5. Personal information must not be kept for longer than is necessary.
6. Personal information must be processed in line with the data subject’s rights.
7. Personal information must be secure.
8. Personal information must not be transferred to other countries without adequate protection.
Working closely with the ICO, we more than understand the importance of dealing with data safely and securely. Which is why at Tenant Referencing UK we do not pass on or sell any sensitive data on to third parties. We don’t even pass on any sensitive data to our community of landlord and letting agent members!
And this is why we offer the most thorough and far reaching tenant referencing around.