Rogue PIs 'Gathered tax details'

Rogue private investigators obtained sensitive personal data from the the UK's tax office and two of the country's biggest companies, it has been revealed.

An unredacted version of a report from the Serious Organised Crime Agency (Soca), seen and released by investigative news agency Exaro, shows HM Revenue & Customs (HMRC), communications giant BT and utility firm British Gas have all fallen victim to dodgy private detectives.

Corrupt private investigators obtained details from HMRC of income and tax paid by individuals, as well as bank account details of British Gas customers and whether phone lines were linked to specific addresses from BT.

The updated version of the 2008 report, previously leaked with the names of the three organisations kept secret, is released as pressure mounts on Soca and MPs to release the names of hundreds of companies and individuals who may have used rogue private investigators to steal personal information.

More than 300 companies and individuals could be involved in so-called "blue chip" hacking where private data may have been gathered illegally by private snoops.

As the scandal unfolds, the Home Secretary is expected to announce this week that private investigators will be regulated for the first time.

A list of 102 names has been passed to the Home Affairs Select Committee by the Serious Organised Crime Agency (Soca), while it has emerged that Scotland Yard has another list of at least 200 who feature in ongoing criminal investigations.

Committee chairman Keith Vaz MP has now written to the chief executives of various regulators to ask for clarification on what guidelines, if any, they issue to organisations in their industry on the use of private investigators.

He said: "The context in which the companies implicated by Soca's information have acted is crucial for us to understand their motives.

"By understanding whether an organisation has conducted their business within their regulator's guidelines gives a clear indication of their ethical standpoint.

"Without the names the public are currently left impotent in their judgment. It is important we try to gain as much assurance as possible on their behalf."

The list of regulators contacted includes the Association of the British Pharmaceutical Industry (ABPI), The Law Society, ICAEW, Security Industry Association (SIA), Office of Fair Trading, BVRLA, Office of Rail Regulation and Financial Conduct Authority.

The Soca report released today in an unredacted form appears to suggest much of the information accessed unlawfully by private detectives was done so for some of Britain's most high-profile businesses.

HMRC, BT and British Gas are now revealed as some of the victims of such nefarious practices.

An HMRC spokesman said: "We take the protection of customer data extremely seriously so we constantly review our processes and procedures in light of developments in the e-security world, together with the expert technical and strategic advice we receive from our advisors and in-house teams. For reasons you will understand we cannot go into more detail."

Mark Hughes, managing director of BT security, told Lord Justice Leveson's inquiry into press standards of 19 cases of so-called social engineering - when fraudsters manipulate staff into disclosing personal information - in the six years to February 2012.

A spokesman for the FTSE 100 firm said: "BT takes its responsibility to protect customer data very seriously and will not tolerate misuse of its systems or inappropriate or unauthorised access.

"For this reason, BT ensures that user access can be tracked so that any misuse may be detected, and offenders can be dealt with appropriately."

Soca has compiled a list of 102 potential organisations or individuals linked to private investigators who directly or indirectly received personal data against the law.

Methods including phone and computer hacking, blagging - faking an identity to draw information from an official spokesman - and phone interceptions.

The list was passed to Mr Vaz's committee but on strict confidentiality grounds - prompting the chairman to demand an explanation as to why it should be kept secret - as it is thought the names on the list relate to closed investigations into events that took place more than five years ago.

It later emerged that Trevor Pearce, Soca director general, disclosed that a second list is with the Metropolitan Police because it contained "client information that continues to feature directly in current actions".

No one on either list has been directly accused of breaking the law or the knowledge that an investigator they used acted illegally.

Home Secretary Theresa May is expected to announce proposals that will require private detectives to have a licence to operate, with anyone found guilty of hacking or "blagging" barred from obtaining a licence.

A Home Office spokeswoman said: "We expect law enforcement agencies to take tough action against criminal behaviour wherever it is identified.

"Ministers will shortly be announcing plans to regulate private investigators."

Nick Pickles, director of privacy campaign group Big Brother Watch, said: "Attempting to keep the names of the companies involved secret will rightly be seen as an attempt to cover up previous failures to enforce the law.

"While each industry concerned may have its own regulatory framework, ultimately all personal information is protected by the Data Protection Act and we have repeatedly warned that the law is not being properly enforced when it comes to personal information and in the rare cases where people are prosecuted, the punishments are often pathetic."

10 consumer rights you should know

10 consumer rights you should know