Kier and Balfour Beatty among 14 firms told to clean up or face prosecution by data regulator

Enforcement notices served to blacklist firms including Kier and Balfour Beatty

Fourteen companies told they face prosecution unless they adhere to the terms of the notices

Balfour Beatty, Kier and Shepherd Engineering Services are among 14 firms served with enforcement notices following their involvement in the construction blacklist uncovered in March.

The Information Commissioner's Office served the notices on the companies for breaches of the Data Protection Act. Should the firms fail to adhere to the terms of the notices, they could face prosecution.

Some organisations paid sums totalling thousands of pounds to unfairly obtain personal information about construction workers.

The 14 firms are:

  • Balfour Beatty Civil Engineering Ltd
  • Balfour Beatty Construction Northern Ltd
  • Balfour Beatty Construction Scottish & Southern Ltd
  • Balfour Beatty Engineering Services (HY) Ltd
  • Balfour Beatty Engineering Services Ltd
  • Balfour Beatty Infrastructure Services Ltd
  • CB&I UK Ltd
  • Emcor Engineering Services Ltd
  • Emcor Rail Ltd
  • Kier Ltd
  • NG Bailey Ltd
  • Shepherd Engineering Services Ltd
  • SIAS Building Services Ltd
  • Whessoe Oil & Gas Ltd.

Deputy information commissioner David Smith said: “Fourteen firms paid for personal details about construction workers without those people knowing. The individuals were denied the opportunity of explaining or correcting what may have been inaccurate personal information about them and which could have jeopardised their employment prospects in the construction industry.

“We have used the maximum powers available to us and this enforcement action sends a strong signal that organisations must take the Data Protection Act seriously.”

The enforcement action prevents the companies from using the personal data supplied to them by Ian Kerr, who ran The Consulting Association (TCA) and held details on over 3,200 construction workers.

The 14 companies will also need to ensure that if they obtain personal information regarding job applicants from third parties in the future, they remain completely open with those applicants about the process.

It is a breach of the Data Protection Act to use personal data covertly to vet workers for employment.

On 16 July Ian Kerr was fined £5,000 for breaching the Data Protection Act and ordered to pay over £1,000 in costs.