Information watchdogs have searched two Liverpool addresses as part of a probe into personal data sold to solicitors.
The Information Commissioner’s Office said the business targeted was suspected of carrying out high volumes of data-farming activity, known as blagging or vishing. It is alleged that motor accident victim data has been illegally obtained since 2017, with the details sold to solicitors for personal injury claims. A business and residential address were searched, with computer equipment and documents seized and analysed for evidence.
The investigation could have repercussions for any firms found to be involved. The SRA has previously warned that it will prosecute firms who have secured clients through cold-calling or from third parties who obtained clients details illegally.
Mike Shaw, ICO group manager, said: ‘Today’s searches will fire a warning shot to businesses who operate outside the law by engaging in data farming. The evidence seized will help us identify any illegal business activities and assist us to take enforcement action.’
Vishing involves using the telephone in an attempt to obtain private, personal and financial information during what seems like a normal conversation. Callers may often pose as policy-holders, claimants or other companies in a position of trust.
The ICO says vishing calls to the insurance industry are frequently made by marketing firms or claims management companies, getting enough information from the conversation to allow a personal injury conversation to be initiated.
Today’s action follows a six-month investigation, which remains ongoing, in partnership with the Insurance Fraud Bureau. While the ICO has powers to bring criminal prosecutions under data protection legislation, it does not have powers of arrest. Since May 2018, the ICO has had the power to fine businesses up to £17m or 4% of global turnover.
The alleged offences are contrary to section 170 of the Data Protection Act 2018.