There are many theories about the identity of Charlotte Fakes and even more about where she obtained her information. I am not aware of anyone suggesting that anything Charlotte has revealed has been anything other than genuine – if the suggestion was that it was faked then I am sure this would have been trumpeted from the rooftops.
Bizarrely a lot of the coverage (especially on blogs and message boards) has been about the “clear” breaches of the Data Protection Act which Charlotte must be guilty of (at least according to those very same commenters).
As I wrote last week, the DPA is not this mighty raft of legislation capable of crushing all in its path. Instead it is a horribly convoluted piece of law-making which needs a packet of headache tablets and a darkened room to understand properly.
One thing though which is very clear (at least in principle) is the duty imposed on a “data controller” to take action when they experience a security breach. Continue reading