This is an amazing story in that it happened in the U.K., not the U.S. or somewhere else in the world where privacy legislation is somewhat lacking.
So despite the Data Protection (DPA) legislation in the U.K. There has now surfaced evidence (following a raid) of workers being blacklisted and their personal data stored by a consulting company to for the last 15 years to make this possible.
Around 40 construction companies who subscribed to the scheme would send lists of prospective employees to The Consulting Association, who would then warn them about potential troublemakers. Employers paid £3,000 as an annual fee, and £2.20 for individual details, the ICO said. Invoices to construction firms for up to £7,500 were also seized during the raid.
Not only was the database held without the workers’ consent, but the existence of it was repeatedly denied. This is a direct violation of U.K.s DPA.
Following the raid on 23 February, investigators discovered that the Consulting Association’s database contained the details of some 3,213 workers, the ICO said. Read more on BBC News.