Barristers fined for data protection breaches after case papers end up in bin and online

Print This Post

By Legal Futures

16 March 2017


Internet: case papers were accidentally placed online

A criminal law barrister whose case papers were found in bin bags has been fined by a Bar disciplinary tribunal, while the Information Commissioner’s Office (ICO) has fined another barrister after a software update on her home computer placed hundreds of unencrypted client documents online.

Maria Masselis of Linenhall Chambers in Chester was found to have breached the core duty to keep clients’ matters confidential.

The tribunal fined her £750 and said that she “improperly handled documents containing confidential and sensitive information about cases she was instructed and failed to take adequate or appropriate security measures against the disposal of such documents resulting in their discovery in the household refuse bin bags”.

It was explained at the tribunal that the bin bags were discovered by a local authority outside an unoccupied property for collection on bin day.

When the contents were examined, the council was able to identify that the papers originated from Ms Masselis. The matter was then referred to the Bar Standards Board.

A board spokeswoman said: “Inappropriate disposal of client files breaches the core duty barristers have to treat client information confidentially. The tribunal’s decision to fine Ms Masselis £750 serves as a warning to barristers to make sure that they dispose of client files in an appropriate way.”

The Information Commissioner’s Office confirmed to Legal Futures that it did look at the case, but decided against formal enforcement action.

More broadly, a spokeswoman said: “If you are responsible for looking after personal data, you must keep it secure and that includes disposing of it securely too.

“Lawyers handle sensitive personal information, often belonging to people in vulnerable positions. They put their trust in lawyers to look after their data – that trust is hard won and easily lost.”

The ICO fined an unnamed female “senior” barrister after information belonging to up to 250 people, including vulnerable adults and children, was uploaded to the internet when the barrister’s husband updated software on the couple’s home computer.

It came to light after a local government solicitor informed her chambers that documents containing confidential and sensitive information could be accessed online.

Some 725 unencrypted documents, which were created and stored on the computer, were temporarily uploaded to an internet directory as a back-up during the software upgrade.

They were visible to an internet search engine and some of the documents could be easily accessed through a simple search.

Six of those files contained confidential and highly sensitive information relating to people who were involved in proceedings in the Court of Protection and the family court.

Her husband quickly removed the files from the online directory and the internet service provider removed cached information from the internet the following day.

Steve Eckersley, head of enforcement at the ICO said: “This barrister, for no good reason, overlooked her responsibility to protect her clients’ confidential and highly sensitive information. It is hard to imagine the distress this could have caused to the people involved – even if the worst never happened, this barrister exposed her clients to unnecessary worry and upset.”



Leave a comment

* Denotes required field

All comments will be moderated before posting. Please see our Terms and Conditions

Legal Futures Blog

Algorithms and the law

Jeremy Barnett

Our aim is to start a discussion in the legal profession on the legal impact of algorithms on firms, software developers, insurers, and lawyers. In a longer paper, we consider whether algorithms should have a legal personality, an issue which will likely provoke an intense debate between those who believe in regulation and those who believe that ‘code is law’. In law, companies have the rights and obligations of a person. Algorithms are rapidly emerging as artificial persons: a legal entity that is not a human being but for certain purposes is legally considered to be a natural person. Intelligent algorithms will increasingly require formal training, testing, verification, certification, regulation, insurance, and status in law.

August 22nd, 2017