Courts should have the option to send people to prison for illegally accessing or 'blagging' personal data, Information Commissioner Christopher Graham has told a Justice Select Committee hearing.
Graham was reacting to this week's case of former Barclays Bank teller Sarah Langridge who admitted accessing the personal bank details of a customer who had accused her husband of rape, in an attempt to trawl for personal information.
After an investigation by the bank, it was found that Langridge has accessed the victim's bank account files on eight separate dates over eight months throughout the rape court case.
Under Section 55 of the Data Protection Act, the current maximum punishment for such an offence is an unlimited fine in a Crown Court, or £5,000 ($8,000) in a Magistrates Court.
In the event, Langridge was fined £800 plus £400 costs and a £15 victims' surcharge after a hearing on 12 September at Brighton Magistrates Court, a case Graham described as "shocking."
"It beggars belief that in an age where our personal information is being stored and accessed by more organisations than ever the penalties for seriously abusing the system still do not include the possibility of a prison sentence, even in the most serious cases," said Graham.
Describing 'blagging' as a serious crime whose extent had been revealed by a succession of cases in recent times, Graham said he believed that tougher sentencing of the sort that had been amended at the report stage three years ago in the Criminal Justice and Immigration Act 2008, should now be enacted by Ministers.
"This crime has the potential to devastate ordinary people's lives. The existing paltry fines are not enough to deter," said Graham.
The Information Commissioner's Office (ICO) said it had seen an 18 percent rise in the number of allegations of blagging between 2010 and 2011.