INSUBCONTINENT EXCLUSIVE:
Image copyrightGetty ImagesPregnancy club Bounty UK has been given a £400,000 fine for illegally sharing the personal information of more
than 14 million people.The fine was issued by the Information Commissioner's Office (ICO) in what it said was an "unprecedented" case.Bounty
compiled personal data but did not tell people that it was shared with 39 other organisations, said the ICO.Bounty said it "acknowledged"
the ICO's findings and had now made changes to how it handled member data.The Bounty pregnancy and parenting club offers free samples,
vouchers and guides to prospective and new parents via packs given out in hospitals or sent to people who use its apps.Bounty gathered
information from apps, its website, cards in merchandise packs and from new mothers in hospital
The ICO said that while many knew Bounty as a pregnancy club, few knew that it was also a data broker supplying information to third parties
that would use it to fine-tune direct marketing
Bounty breached the 1998 Data Protection Act by not being "open and transparent" with people about what would be done with their personal
data.Image caption
Bounty took data in hospitals and from apps and merchandise packs
It shared 34.3
million records from June 2017 to April 2018 with 39 organisations including marketing agencies Acxiom, Equifax and Indicia.The data shared
was of "potentially vulnerable" people including new mothers and very young children, said the ICO."The number of personal records and
people affected in this case is unprecedented in the history of the ICO's investigations into the data broking industry and organisations
linked to this," said Steve Eckersley, the watchdog's director of investigations.Mr Eckersley said the "careless" data-sharing was likely to
have caused distress to many people because they did not know it was being shared so widely
Jim Kelleher, Bounty's managing director, said: "In the past, we did not take a broad enough view of our responsibilities and as a result
our data-sharing processes, specifically with regards to transparency, were not robust enough."He added that the ICO had recognised that
Bounty had changed its data-handling policies and that it now kept fewer records for less time
It had also ended relationships with all data brokers
Staff had also been trained to handle data to comply with the latest legislation.In addition, said Mr Kelleher, Bounty planned to appoint an
independent data expert to carry out an annual survey to ensure it did not breach data protection laws.
