Get all your news in one place.
100’s of premium titles.
One app.
Start reading
Bristol Post
Bristol Post
National
Estel Farell Roig

Bristol City Council apologises for data breach in response to Clean Air Zone applications

Bristol City Council has apologised after a data breach relating to Clean Air Zone applications. The incident - which saw around one hundred people's email addresses being disclosed in a mass send-out - has been referred to the Information Commissioner’s Office.

Phil, from Brislington, was one of those people who was copied into the email last week. The dad said he submitted his application for a grant ages ago in case he was able to get some support towards a new car.

The resident said that, in their response saying he was not eligible for the CAZ's financial assistance scheme, Bristol City Council CCed in 95 other people. Straight away people started responding in the email chain to say that was a data breach, he continued, and later on that day they received an apology from the council.

Read next: Social worker barred for dishonesty and misconduct

"I was just a bit annoyed by it," he continued. "They are giving out your personal email as well as an indication of what you earn which is quite personal information.

"I think it is carelessness - someone clearly just made a mistake. But you would think they would have policies and procedures in place to prevent this from happening.

"They are most likely to be handling personal data every day - this is bread and butter stuff. It is just frustrating."

The email chain, seen by BristolLive, shows the council apologising for the data breach on the afternoon of October 17. It says: "Apologies for sharing email addresses in this previous email. This was sent in error, and should have been sent as a blind copy.

"We have now attempted to recall this email, but please delete this and do not respond to all. This will be reported to our data controller as part of our data protection policy."

A spokesperson for Bristol City Council said: “We are aware that a breach of the General Data Protection Regulation (GDPR) has occurred and we have been in contact with those affected and have apologised. This case has been referred to the Information Commissioner’s Office (ICO) in line with the accepted process for reporting data breaches and we will comply fully with their protocol.”

Back in 2020, the names and email addresses of children who are disabled or have special educational needs were sent out in a mass email following a council blunder.

Read next:

Sign up to read this article
Read news from 100’s of titles, curated specifically for you.
Already a member? Sign in here
Related Stories
Top stories on inkl right now
One subscription that gives you access to news from hundreds of sites
Already a member? Sign in here
Our Picks
Fourteen days free
Download the app
One app. One membership.
100+ trusted global sources.