not surprised on either front
Considering BT got away with the whole Phorm thing, its no surprise that ICO once again doesn't care what they do.
BT has been cleared of a serious data protection violation by the UK's privacy watchdog, The Register has learned. A probe into the one-time national telco's webmail system was carried out by the Information Commissioner's Office after a whistleblower exposed evidence that appeared to show BT's customer email accounts were …
I assume the problems with spammers and the old BT mail are the same as with yahoo mail, so not entirely BT's fault - there's something badly wrong with yahoo/BT as accounts have been getting hacked for a couple of years at least, usually resulting in a slew of "Help, I'm at a conference in Nairobi and my wallet and airticket have been stolen" emails.
I hope the new BT mail will be better, but it's not looking good - I've had complaints from at least four or five people moaning that after the migration their e-mail is unusable - 10 minutes to download a message, time-outs when trying to send etc. I just tell them to phone BT support.
I love how these big companies always try to make it sound like only a couple of folk have been affected by their outages - BT aren't the only ones, Microsoft and others do it as well - by releasing statements like "A minority of our customers may have suffered some inconvenience" when what they mean is "Thousands of our customers were unable to access our services".
Your logic is infallible.
By definition, a small company will only have a small number of users so even if a significant percentage of their users are affected it is still only a small number.
BT on the other hand has about 7 million broadband customers so if this impacted just 1.4% of them that would make it 100,000 customers affected. The article describes the number as "struck thousands of" which I would put in the range of 2,000 to 20,000. Any more than 20,000 and I would expect it to be described as "struck tens of thousands of". This means that, as a percentage of their user base, it struck between 0.03% and and 0.29% of customers. BT are correct and accurate in describing it as a minority.
What in-house resources? The great majority of development and support is off-shored in an attempt to keep costs down. Buying in solutions from specialists is the norm in business these days due to economies of scale (did you not notice the previous system was run by Yahoo! ?).
Yes, But it doesn't have to be this way... I don't think outfits like BT should be getting Govt subsidies all the while outsourcing at full stretch just for a shitty'er service... This is shortermism at its best, and its all so that executives can clock their bonuses and leave....
...they should get on with fixing the problems they're having with customers who are being forced to create a BT.com ID (which is separate from a BTInternet email address) merely in order to access their email. Or customers who are unable to do said update because of the flakiness of the BT systems. Or customers whose accounts - old and new - have been hacked because of the abysmal security BT has in place in India. Or any one of the many, many problems I deal with in a typical month from poor, long-suffering BT customers.
Some examples...
BT/Phorm - no ICO enforcement despite covert trials of Russian supplied spyware monitoring the content of customers' private/confidential web browsing, without consent from sender and recipient.
BT/ACS law - no ICO enforcement action despite BT sending an unencrypted email full of sensitive customer data, and despite a court order requiring that data to be encrypted and sent on physical media.
BT/email - again... no ICO enforcement action despite months of security failures that put customers at risk of identity theft.
I'm not sure what it would take to cause the ICO to enforce the Data Protection Act against BT.