£200,000 fine for exposing possible child abuse victims in classic Cc/Bcc email blunder
The UK’s Independent Inquiry into Child Sexual Abuse (IICSA) has been fined £200,000 for revealing identities of historic child abuse victims in a mass email.
The IICA was set up four years ago to investigate which institutions had failed to protect children from sexual abuse. As you can imagine, many vulnerable people may have communicated with the Inquiry and would have an expectation that their sensitive personal information would remain secure and confidential.
Unfortunately a simple email blunder exposed 90 of the participants, breaching the Data Protection Act.