21.06.18
London council demands credit card details by email
A London council is reviewing its data protection precautions after it was revealed that residents were told to share payment card detail via email.
Islington Borough Council requested that residents pay for parking bay suspensions using a Word document to provide details including their addresses and card security codes.
Information security consultant, Scott Helme, took to Twitter to highlight the security issue.
He told the BBC that it is important to know how many staff had access to any emails that were received, whether copies could have been made, and whether they were properly erased after use.
Under the EU’s General Data Protection Regulation (GDPR), organisations have a legal requirement to take appropriate measures when handling personal details, and those that breach the regulations can face a hefty fine.
The form has now been removed from the council’s website.
An Islington council spokesperson told PSE: “We have begun an internal investigation into the process of applying for and paying for parking bay suspensions.
“In the short term we have removed that form from our website.”
Enjoying PSE? Subscribe here to receive our weekly news updates or click here to receive a copy of the magazine!