back to article You've got to be kitten: Vet recruiter told to pay £1k after pinching info from ex-employer

A vet recruitment consultant who squirrelled away the personal details of almost 300 people from his former employer was today slapped on the wrists by the UK's information watchdog. Daniel Short, a recruiter from Devon, left VetPro Recruitment in October 2017, but set up a new company called VetSelect shortly afterwards. …

  1. I Am Spartacus

    Did he have to delete the data

    If not, £1000 for 16,000 validated contacts in the specific domain area seems remarkably cheap.

    1. Anonymous Coward
      Anonymous Coward

      Re: Did he have to delete the data

      he only took 272.

      The others could of been "legitimately" bought or people signed up.

      1. Symon Silver badge
        Headmaster

        Re: Did he have to delete the data

        Someone needs to make a '[c|sh|w]ould of' detector, that auto-suggests to '[c|sh|w]ould have'.

        1. Anonymous Coward
          Joke

          Re: Did he have to delete the data

          I like to think as myself as a Shakespearean type character, moving the English language along. Luckily for Shakespeare, pedants didn't have access to forums back then.

    2. Anonymous Coward
      Anonymous Coward

      Re: Did he have to delete the data

      I just read the details (now I had chance).

      The 16,000 was the number of contacts in his previous employers database, of which he stole 272 records.

  2. Anonymous Coward
    Anonymous Coward

    Neigh, Neigh and thrice Neigh.

    1. Korev Silver badge
      Coat

      Is that the mane part of the tail?

      1. VinceH Silver badge

        I expect it was just an off the hoof remark.

        1. Symon Silver badge
          Coat

          It's not hard to become a horse vet.

          http://cameron.kangaweb.com/jokes/Farside/vet.jpg

          1. Anonymous Coward
            Anonymous Coward

            Do you work for the glue factory board?

  3. 2+2=5 Silver badge

    Sheepish

    > The recruiter, no doubt feeling rather sheepish

    Yeah, but until he got caught he was puffin out his chest about successfully aping his previous employers.

    1. Dodgy Geezer Silver badge

      Re: Sheepish

      What a donkey!

      1. lglethal Silver badge
        Joke

        Re: Sheepish

        £1000 fine is hardly going to put him in the doghouse.

  4. Gordon Pryra

    Data protection laws are there for a reason

    "Data protection laws are there for a reason and the ICO will continue to take action against those who abuse their position."

    Fine, but the level of "action" means the ICOs interference will just be seen as a cost of doing business.

    Until that "Action" is a deterrent, you may as well just add a surcharge to companies for them to pay the crown yearly.

    1. Killfalcon Bronze badge

      Re: Data protection laws are there for a reason

      You're probably going to be very interested to hear about this little-known new law called the "GDPR", the Giraffe, Dogs and Pigs Regulations that provides additional penalties to vets who duck about with people's personal details.

      [actually I'll be honest I don't know which bits of the GDPR hit folk who lift data rather than smacking folks who allow it to be lifted, but I'm sure it'll be in there somewhere]

    2. Anonymous Coward
      Meh

      Re: Data protection laws are there for a reason

      "Fine, but the level of "action" means the ICOs interference will just be seen as a cost of doing business."

      This is a small time outfit set up late last year. It seems to have got through a couple of "senior" staff in that short time.

      https://beta.companieshouse.gov.uk/company/10973946

      Even if GDPR had been in place I doubt it would been much different an outcome. He's been fined and has a criminal record.

      Unless of course you propose hanging like many on here would.

      1. Anonymous Coward
        Anonymous Coward

        Re: Data protection laws are there for a reason

        My understanding is that one of the goals of the GDPR is to substantially raise the maximum amount of the fines (and harmonize that minimum across the EU). So hopefully, those relatively low figures are the last of their kind.

    3. Doctor Syntax Silver badge

      Re: Data protection laws are there for a reason

      Until that "Action" is a deterrent, you may as well just add a surcharge to companies for them to pay the crown yearly.

      Up to now this behaviour has probably been seen as standard practice by a lot of salesdroids. This case should be a warning that it isn't. Although the fine in this case might be low* don't expect it to be as low under GDPR and don't expect it to be low for repeat offenders.

      * You also have to factor in that a guilty plea brings a reduced fine.

  5. Horridbloke

    Standard practice sadly

    This seems to be entirely normal behaviour among recruiters. Mind you they seem to be drawn from the same pool as estate agents and car salespersons.

    1. Anonymous Coward
      Anonymous Coward

      Re: Standard practice sadly

      I met an honest estate agent once, which was a deeply unsettling experience. I'm sure there's probably a flat-earther working for a space agency somewhere too, just on the numbers, but still, you never expect to actually meet them yourself!

      They specialised in selling very nice houses to very rich people. Seemed that at that level the need to rush or deceive vanishes into the cavernous depth of your fees, and the value of reputation.

      1. Anonymous Coward
        Anonymous Coward

        Re: Standard practice sadly

        "the need to rush or deceive vanishes into the cavernous depth of your fees, and the value of reputation."

        Or the fact they have lawyers and us plebs don't.

  6. Anonymous Coward
    Anonymous Coward

    Which victim

    got the £35 ?

    1. Blockchain commentard Silver badge

      Re: Which victim

      I was about to ask if the £35 was split between all 272 victims - less than 13p each.

  7. not.known@this.address Bronze badge

    hold on a minute...

    ...If I give my details to recruiter Jack Schmidt when he works for 'Jobz-R-Uz' and he takes my details when he sets up 'Employment Pimps UK', how come he can't claim it's all legal and above board because my initial contact was through him, regardless of which company he worked for at the time?

    And was this fine because he misused people's personal information (to find them work... surely why they handed it over in the first place??) or as punishment for "stealing" the data from his previous employer? I guess the acid test would be, how much did the "victims" whose information he "stole" get, how much did his previous employer get, and how much did the 'court' keep?

    (Disclaimer - I don't work for any of the parties involved, I'm certainly not a vet, and I'm sure there's little similarity between what vets do to pets and what employment agencies do to their 'clients'...)

    1. Killfalcon Bronze badge

      Re: hold on a minute...

      As a general rule (there are some limited exceptions, and always well defined in contract), when you do work for a company, the work, and the results of the work, belongs to the company (and you get paid). Jack Schmitt gathered the details on behalf of his then-employer, and they paid him for it.

      It wasn't his data to take with him, hence the whole getting-fined thing.

      1. Anonymous Coward
        Anonymous Coward

        Re: hold on a minute...

        Also the details were given to company XYZ, not Jack. Therefore, quite rightly, you don't expect them to end up in another companies database without your approval.

  8. chivo243 Silver badge
    Facepalm

    3 fivers and change?

    per record. I did the math...

    Why do I see GDPR as a Fawlty Towers skit? He took the data.... but, but, he left the door open... but, but he took the data ~ ad nauseam

    1. Killfalcon Bronze badge

      Re: 3 fivers and change?

      Not a clue - nothing about the GDPR says to me that it would get cyclical. Both parties would be in breach of different bits of the GDPR, and at best they'd be able to argue for a reduced fine because the other party was partially culpable.

      1. gerdesj Silver badge

        Re: 3 fivers and change?

        GDPR doesn't apply yet. This would have prosecuted according to the provisions of the Data Protection Act.

        1. Spanners Silver badge
          Big Brother

          Re: 3 fivers and change?

          If someone breaks the DPA law today, but doesn't get caught until next week, will he be done under the DPA or the GDPR?

          I was just wondering if the authorities are sitting on the good ones until after the weekend.

          1. Anonymous Coward
            Anonymous Coward

            Re: 3 fivers and change?

            "https://en.wikipedia.org/wiki/Ex_post_facto_law#United_Kingdom"

            "Retrospective criminal laws are prohibited by Article 7 of the European Convention on Human Rights, to which the United Kingdom is a signatory, but several noted legal authorities have stated their opinion that parliamentary sovereignty takes priority even over this"

            So going by that the DPA is still the law that applies.

            However I should add, that by holding onto that data that is illegally obtained, then that itself would fall under the new laws.

            Disclaimer: If a lawyer is using a Wiki article as your defense, get a new lawyer.

            1. Symon Silver badge

              Re: 3 fivers and change?

              "Retrospective blah blah blah"

              Although, interestingly, this:-

              http://news.bbc.co.uk/1/hi/uk/4406129.stm

              "The change will apply retrospectively, so someone could face a second trial if evidence such as DNA material, new witnesses or a confession came to light."

              So, it used to be that if you were aquitted in England and Wales, that's it. But when double jeopardy was axed, people were subsequently convicted of offences commited when double jeopardy was still in place. Of course, the crime they were eventually convicted of was still a crime then, but there's still a retrospective angle here.

              https://www.gazettelive.co.uk/news/crimes-shook-teesside-double-jeopardy-6350545

  9. Velv Silver badge
    Headmaster

    LinkedIn

    Perpahs the vet world doesn’t use LinkedIn, however it appears every single IT recruiter has asked me to link, and they shift between agencies regularly, so it would be hard to prove any of them “stole” the details from a previous employer.

    Or are they meant to de-link when they move employer?

    1. Cederic

      Re: LinkedIn

      The correct answer is: Do not accept the LinkedIn invites from recruiters.

      Always assume IT recruiters are immoral unethical corrupt scum and keep them at a safe distance.

  10. ratfox Silver badge
    Happy

    Nice to see that people do want to hire veterans!

  11. Symon Silver badge
    Go

    Should've gone to California.

    https://www.littler.com/publication-press/publication/you-cant-do-what-california-summary-californias-virtually-nonexistent

    "The California Supreme Court found that section 16600 "unambiguously" dictates that even partial restraints on the ability of employees to practice their profession are prohibited. Thus, the Edwards court not only declared the noncompete provision void, but the California Supreme Court also held for the first time held that customer nonsolicitation clauses were also void."

    All he would have had to do was remember the clients, rather than nick the database.

    1. Anonymous Coward
      Anonymous Coward

      Re: Should've gone to California.

      I thought is was pretty standard practice for a salesperson/recruiter to take their contacts list with them when they move.

      Might not be legal but it definitely happens as the old Rolodex is a goldmine of pre vetted hot leads with people who already know the person and like to spend their peanuts.

      1. Doctor Syntax Silver badge

        Re: Should've gone to California.

        "Might not be legal but it definitely happens as the old Rolodex is a goldmine of pre vetted hot leads"

        And the GDPR (just like the old DPA) applies to the Rolodex, little black book or whatever. Data is data whatever the technology.

  12. Anonymous Coward
    Anonymous Coward

    Sales Droids, Huh!

    Used to work for a very large software reseller.

    I once found an unusual Excel file in our outgoing email filters (paranoid company, hence anon.).

    Reported it to IT Manager. They were not impressed when I showed them the content of said file.

    IT Manager went to HR, who were equally unimpressed.

    HR went to sales droids desk, who handed over their ID / access badge and walked out.

    The file? It contained 15000 contacts, a data dump of every contact held for an industry sector.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019