“Millionaire” Andrew Crossley escapes ICO fine as he is “Poor” UPDATE 3

When the ACS:LAW scandal broke, the lives of thousands of people were turned upside down, up until that point people had been upset with letters threatening to take them to court for fictitious file sharing,

But September last year things turned even more bizarre as ACS:LAW released an archive of their emails online.  This date breach exposed up to 10,000 peoples names addresses and credit card details alongside their names being linked with vile pornographic material.

On the 28th September the ICOs head Christopher Graham was salivating over the issue saying

I can’t put ACS: Law out of business, but a company that is hit by a fine of up to half a million pounds suffers real reputation damage.”

Indeed the ICO had been given powers to fine companies £500,000, they messed up with the BT data breach because they said that It was an individual at fault and NOT BT, Hmmmmm. Things did not bode well for the ACS:LAW investigation.

The ICO decided the case against ACS:LAW stating:

“The security measures ACS Law had in place were barely fit for purpose in a person’s home environment, let alone a business handling such sensitive details.”

Wow powerful stuff right?

The ICO went on 

“As Mr Crossley was a sole trader it falls on the individual to pay the fine. Were it not for the fact that ACS Law has ceased trading so that Mr Crossley now has limited means, a monetary penalty of £200,000 would have been imposed, given the severity of the breach. Penalties are a tool for achieving compliance with the law and, as set out in our criteria, we take people’s circumstances and their ability to pay into account.”


“Were it not for the fact that ACS Law has ceased trading so that Mr Crossley now has limited means, a monetary penalty of £200,000 would have been imposed”

Hmmm so Crossley gets to CLOSE his company the very action which brought derision from Judge Birss along with many man people who had been affected by his nasty letters, and he gets off with a grand to pay becuase of this deception?

The ICO goes on to say:

The ICO’s investigation found serious flaws in ACS Law’s IT security system. Mr Crossley did not seek professional advice when setting up and  developing the IT system which did not include basic elements such as a firewall and access control. In addition ACS Law’s web-hosting package was only intended for domestic use. Mr Crossley had received no assurances from the web-host that information would be kept secure.

While the firm should have been aware of their obligations under the Data Protection Act, they continued to act negligently and failed to ensure that appropriate technical and organisational measures were in place to keep personal information secure.

This is worse than outrageous, as ACS:LAW actually used the fact that people had not secured their home systems and used the fact against them.  They did not care if an elderly person had not secured their router or modem or their computer, it was the persons fault and they were held to account for being negligent by ACS:LAW.

Andrew Crossley must be laughing at this and the rest of us now.  A measly £1000 penalty for a man who bragged of making over £1,500,000 in a year, and who lavished expensive cars on himself and his girlfriend, this is a joke.  A man who lives in a 7 bedroom house worth nearly a million pound yet he pleads poverty? The ICO has let us all down. They are unfit for purpose.

Indeed £1000 is less than the price of just two of his letters that he sent out to the general public.

The interview with Christopher Graham can be seen here, please don’t hold a hot drink whilst watching the sheer disconnect between the interview and the reality might just choke you.


An excellent post on this subject can be found here

UPDATE: To add insult to injury it is revealed that IF Andrew Crossley pay his “Penalty” by June 6th 2011, he will receive an “Early pay Bonus” of 20% meaning he will only have to pay £800.

UPDATE 2 :See below for the ICO Ruling

UPDATE 3: For those of you who wish to comlain about this ruling

To Complain to the ICO themselves: http://www.ico.gov.uk/complaints/satisfied_with_our_service/complaints_and_compliments.aspx

To write to your MP: http://www.writetothem.com/

About Hickster

I am one of the many innocent people who have been accused of file sharing by Copyright Trolls, my letter came from the now infamous ACS:LAW, but they have now been emulated by many more using the same system. Their ruse is simple, Send out letters of claim with NO Real evidence beyond an IP address that they claim was captured using a frowned upon hack of Shareaza. My REAL opinion of these companies turned when they started sending out Pornography claims, THAT is what I find most disturbing. People who HAVE to pay up without the option of having their day in Court. THAT is NOT Justice. Why can't they just go to Court? because the Lawyers, pitch the price of paying the "Compensation" at about the same rate as hiring a lawyer to fight it. Things have changed in the last 8 years though. I would advise people to read the "Speculative Invoicing Handbook Part 2", research these people yourselves, and find me at Slyck Forums, or on Twitter. Do NOT Worry, Stand Strong
This entry was posted in ACS LAW Letters and tagged , , , , , , , . Bookmark the permalink.

5 Responses to “Millionaire” Andrew Crossley escapes ICO fine as he is “Poor” UPDATE 3

  1. Jaz says:

    Thnka for the excellent coverage of ACS Law, I have been waiting a while on this judgement and actually feel let down by the ICO for passing such a low fine. This was an opportunity for the ICO to show that it was not a toothless dog, and also, that it would not tolerate breaches to an individuals right to privacy.

    All this decision has shown, is that (a) the ICO has no power and no desire to use any ‘supposed’ power it has been given and (b) it is okay for businesses and sole traders to carry on completely ignoring the DPA.

    The fact that this person ending up making most of his money from the poorest in society is disgraceful, and the way they have been treated by ACS Law is a complete sham. The ICO should have given a substantial fine regardless of Crossleys own financial situation, just the same as Crossley ignored the financial situation of the people he was targeting.

    The ICO should have been fined a large amount, but let him pay it in installments, that at least would have been some justice. The ICO has definitely failed on this one, and I am sure this news will leave the victims of ACS Law feeling very bitter.

    Thanks again for the excellent coverage, and I’ll now visit the 2 links you posted, cheers 😉

  2. zoomboy says:

    ICO – Incompetent Clueless and Obsolete!

    What a complete farce. So remember guys, if ever you’ve done something wrong just fold your business and you’re untouchable – lesson learned.

  3. Nick says:

    Thanks for your excellent coverage as usual. Is there nothing to be done to persuade the ICO to look again? Or any benefit in complaining so that the guy who made this decision loses his job on the grounds of being incompetent? Do the views of those who’ve had their personal details spewed out of ACS’s database count for nothing?

  4. Hickster says:

    Thanks for the comments, just want to get this out there!

  5. Andrew says:

    The frustration here is that the people who should have known better i.e. Sky and BT released information to a tin pot company without doing any due diligence. Companies like this only thrive through the stupidity of organisations like Sky and BT. A 5.99 a month hosting service – come on. Anyway thanks for the update. I will writing to the MP and ICO.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s