Leaked CV Row Escalates

Leaked CV Row Escalates

• an “In My View” article by NIGEL WARD, keeping readers up to speed on the escalating row over the leaked CVs of the applicants for the Chief Exec post, abandoned by Jim DILLON and now filled by Mr Mike GREENE.

~~~~~

Regular readers will recall my Open Letter to Councillor Steve SIDDONS [Lab.], the new Leader of Scarborough Borough Council, “SBC CEO Job Applicants ‘Potential’ Data Leak” (30/06/19), in which I disclosed that Scarborough Borough Council was in a megaflap over a ‘potential’ breach of personal data – the CVs of the applicants for the position of Chief Executive Officer and Head of Paid Service, vacated by Mr Jim DILLON.

In my follow-up article, “The Great Expanding CV ‘Leak’ Fiasco”, I reproduced a statement from former Councillor Sandra TURNER [Con.] confirming that the leaked CVs had been transmitted to the five members of the Appointments Panel by both hardcopy and as an attachment to an unencrypted email.

This very fact confirms that there was, therefore, a clear potential for a massive breach of the GDPR.

Any potential breach of the GDPR – never mind one of such massive personal sensitivity – MUST be reported to the Information Commissioner’s Office (ICO), within 72 hours. I was first made aware of the leak around the time of the local elections. Out of interest, this is more than 72 days ago. Time passes slowly, there in the swamp.

And yet the Leader is maintaining that there is nothing to report – only “mischief”.

I can now disclose a round-robin email from Councillor Bill CHATT [CIM] to all Councillors, and the three Directors, confirming that he holds evidence that a leak took place and stating that he has been ‘warned off’ from pursuing the issue.

In my view, when Councillors are interacting on their private email addresses, perhaps about a barbecue or a family wedding, then that is private correspondence and emphatically none of my business.

But when they are interacting as Councillors, on their Council email addresses, discussing Council business – especially Council business that has gone critically awry and could attract a massive fine from the ICO – then that is of public concern and if Councillor CHATT takes exception to the Enquirer publishing his email, he can take it up with me over a cup of coffee and a sticky bun. Reproducing his email breaches nobody’s DPA. GDPR remains unsullied. It is in the public interest. Check mate.

But having stated that he expected it to leak – “as everything else does” – Councillor CHATT can hardly complain.

I pause for a moment to consider why anyone would leak information about Council matters running perfectly in order? No. There are leaks because there is subterfuge, dishonesty, incompetence and corruption. Good people want the public to be aware of that.

To my limited knowledge, thus far, only one member – former Leader Councillor Derek BASTIMAN [Con.] – has responded to Councillor CHATT – and, of course, no Officer. I reproduce Councillor Derek BASTIMAN’s response, below, under the same terms and conditions as Councillor CHATT’s:

I think it is only fair to the 46 Councillors for me to confirm that the party who shared these emails with me is not one of the 46 Councillors. As a matter of fact, I believe the same could truthfully be said of the leaked CVs themselves.

I wonder whether or not Councillor Steve “Mr Transparency” SIDDONS – who has neither acknowledged nor responded to my emails on this topic – feels “disappointed and disgusted” at the prospect of a member of Paid Service affording the public at least some transparency over another potential costly SBC failure?

And I expect readers will still want to know:

• WHO leaked the applicants’ CVs?
• HOW could the CVs have been sent out attached to unsecure (i.e. unencrypted) emails?
• WHY were the CVs leaked (to whose benefit – or detriment)?
• TO WHOM were the CVs leaked?
• WHEN will the CVs surface?

To this last question, my best guess would be – September.