Despite being held responsible for one of the UK’s largest-ever data protection breaches, Andrew Crossley, owner of the now defunct ACS:Law, has managed to outmaneuver the authorities again.
Last year the company succeeding in spilling the details of around 6,000 Internet subscribers (and alleged pirates) onto an unprotected web page following a Denial of Service attack carried out by Anonymous.
In May this year, Information Commissioner Christopher Graham announced he would be fining the company due to their incompetence.
“The security measures ACS Law had in place were barely fit for purpose in a person’s home environment, let alone a business handling such sensitive details,” he said.
For this, Crossley should have picked up a £200,000 fine, but after pleading poverty the ICO reduced his penalty to just £1000.
Now, according to ICO comments reported by PC Pro, it seems doubtful that Crossley will pay a single penny.
The ICO offer discounts for prompt payment of fines – in Crossley’s case that would have reduced his liability to just £800 – but they confirm that since he is subject to a bankruptcy order he is “thus not able to pay.”
Since Crossley apparently has zero funds, it will be interesting to see what he uses to fund his upcoming defense against the Solicitors Regulatory Authority who are accusing him of misconduct.