Episode 4
BT has confessed to handing over the personal details of more than 500 of its customers to pirate hunters ACS:Law without even securing the list.
According to the BBC, BT surrendered the details following a court order but its actions in not keeping its customers details safe could put it in breach of the Data Protection Act.
ACS:Law is already in hot water and could cop a half a million pound fine if the Information Commissioner decides it has been careless in keeping individuals' details safe.
The firm, which hunts down people thought to have downloaded or shared copyright material illegally, has already seen its lists of 8,000 Sky Broadband customers and a raft of alleged porn users splashed all over the net after its website was hacked by 4chan.
A BT official told the BBC the personal data it sent was ‘unencrypted' but said ‘it would not happen again'. The spreadsheets are believed to have been sent to ACS:Law head honcho Andrew Crossley from a lawyer working for BT in August.
The email revealing the exchange was reportedly leaked as part of 4chan's first batch of emails it posted on the Pirate Bay website, exposing Crossley's private conversations and business dealings.
Prakash Mistry, the lawyer working for BT, allegedly wrote: "In accordance with the Court's Order of 17 February 2010 ("the Order"), please find enclosed the data in accordance with paragraph 1 of the Order. Please acknowledge safe receipt and that the data will be held securely and shall be used only in accordance with the provisions of the Order."
It would seem that BT attempted to pass the buck security wise, but the two lists sent, one of 413 users alleged to be sharing dance track ‘Evacuate the dance floor' and a second of over 130 PlusNet users thought to be sharing porn, were sent out unsecured.
