ACS:Law’s owner fined just £1000 for data leaks

June 2011


Andrew Crossley, former principle of ACS:Law, the legal firm which had previously targeted alleged P2P file sharers,  has been fined £1,000 by the Information Commissioner’s Office in relation to the data-spill that occurred from ACS:Law’s servers, which revealed personal details about over 6,000 suspected file-sharers. The data spill occurred after ACS:Law accidentally published private data about potential defendants  when their servers were targeted by a Distributed Denial Of Service attack by those who opposed the law firm’s tactics. The ICO’s investigation showed Crossley had taken no professional advice when setting up his server, had no firewall and was relying on a web security package designed for domestic use. However the much lower fine was applied because ACS:Law no longer exists and Crossley seemingly pleaded “limited” financial resources.  A fine of up to £200,000 could have been imposed. PC Pro magazine has reportedly asked the ICO how they verified Crossley’s “circumstances”.
More on data – the three-strikes system administered by the Hadopi agency in France was put on hold in mid-May after a data spills. The agency was recently sending 5,000 warning letters per day to suspected file-sharers, but the letter sending was halted when it was revealed the company collecting data on suspected file-sharers for Hadopi had suffered a data breach.

No Comments

Comments are closed.