Saturday, June 14, 2025

Fusion and AI: The Role of Private Sector Technology in Advancing ITER

Strengthening Retail: Strategies for UK Brands to Combat Cyber Breaches

Apple Encryption Debate: Should Law Enforcement Use Technical Capability Notices?

Sweden Receives Assistance in Strengthening Its Sovereign AI Capabilities

MPs to Explore Possibility of Government Digital Identity Program

Cisco Live 2025: Essential Networks for the Future of AI

UK Finance Regulator Partners with Nvidia to Enable AI Experimentation for Firms

June Patch Tuesday Eases the Burden for Defenders

Labour Pledges £17.2 Million for Spärck AI Scholarship Program

Law student faces unjust disciplinary action for reporting data breach mistake

A former student at the Inns of Court College of Advocacy (ICCA) was reprimanded by the college for responsibly reporting a security error that exposed sensitive information about students. Bartek Wytrzyszczewski faced misconduct proceedings after discovering a data breach affecting nearly 800 past and present ICCA students. As a result, he decided to leave the ICCA and continue his training elsewhere.

The college notified the Information Commissioner’s Office (ICO) of the breach, which allowed students to access personal data such as email addresses, phone numbers, academic records, ID photos, and sensitive information like health records and visa status. Despite Wytrzyszczewski’s prompt reporting of the issue, the college downplayed it as a “technical issue”.

Wytrzyszczewski was required to give a written undertaking not to disclose any information he found before facing misconduct proceedings. He expressed frustration with the college’s handling of the situation, feeling that they were attempting to silence and punish him for his actions. This experience impacted his career aspirations and motivated him to start over at a different institution.

The ICCA clarified that they followed internal procedures when clearing Wytrzyszczewski of misconduct allegations. However, data lawyer Dai Davis criticized the college for not adhering to natural justice principles in the case. The ICO decided not to take further action on the breach but is investigating additional complaints raised by Wytrzyszczewski against the college.