A new Winkworth Sherwood partner has come a cropper after failing to blind copy 600 contacts taken from his former firm in an email informing them of his move.

New employment partner Blair Adams, who joined from Wedlake Bell, managed to commit the apparent data breach on his first day in the job last Monday.

Adams emailed approximately 600 contacts to tell them he had moved firm. Unfortunately he put all of their names in the "To" field rather than the "Bcc" field, so they could all see each other's email addresses. 

Several of the humourless contacts have filed complaints, according to a source. 

joy comp

"First email, sent!"

Wedlake Bell Managing Partner Martin Arnold was said to be "incandescent", not least because Blair's electronic file of clients was downloaded from Blair's Wedlake Bell account.

Both Winckworth Sherwood and Wedlake Bell have reported the breach to the ICO and are considering their duty to report Blair to the SRA, RollOnFriday understands.

Arnold told RollOnFriday, "We know that on Monday 1st July, an email was sent to various people by our former Partner Blair Adams from his Winckworth Sherwood email account. The matter is being dealt with appropriately".  

"It is important to stress that Wedlake Bell had no knowledge that Blair Adams had taken any client contacts from his Outlook account before he left the firm", he added, "other than those where client consent had been received".

A spokesman for Winckworth Sherwood confirmed that “a new starter" at the firm "accidentally shared a limited number of email addresses by inadvertently using the ‘to’ field instead of the ‘bcc’ field when sending their new contact details".

"This was an isolated incident and the email addresses were the only data shared", he said. "On becoming aware of the issue we acted promptly to expunge the data from all devices and systems. We have self-reported the matter to the relevant regulatory authorities.”

Tip Off ROF


Dearie 12 July 19 08:51

If I received that email, I wouldn’t care one jot about others seeing my email address. What I would care about is the fact that he was idiot enough to think a mass email was an appropriate way to communicate with supposedly valued contacts. When I last moved roles I spent over 7 months managing and contacting my contacts list, and that list only had about 175 people on it. Quality not quantity dear boy.

Anon 12 July 19 08:53

Possibly also a criminal offence under the Data Protection Act 2018?

a perfectly normal human being 12 July 19 09:35

Anyone who raises a complaint about this kind of utterly harmless error is a total retard.

Slum Dog 12 July 19 09:40

Dearie @ 08:51. Spot on. As an ex-inhouse lawyer I agree that the only way to properly inform contacts about a move (and to demonstrate you really care about and value the relationship) is to communicate directly with them one-to-one. Firms also need to be clear to new employees and partners about how they expect marketing/BD comms to be handled to ensure it protects the contacts' identities, doesn't breach GDPR, protects the firm's reputation, and demonstrates that the individuals and firm know how to respect client/contact information. 

ShootyMcShootyface 12 July 19 09:41

I can think of many of my Partners who would probably make the same mistake, put in the same position.

Many of them would probably require assistance in starting Outlook in the first place, and a goodly number would need detailed instructions on finding the address book, let alone exporting it.

Loving the picture, ROF. Good work.

Topsykretts 12 July 19 10:03

I find it embarrassing that people bother to get upset about ridiculous shit like this. Show what a boring and fake industry this is...

Paper cuts 12 July 19 11:05

Is this minor whoopsie even mildly embarrassing?  Who cares?  Of course he's going to inform his contacts.  The attitude of the previous firm is positively Stalinist.  More "issues" for the GDPR idiot-nerds to salivate over.   

Human 12 July 19 11:28

Data protection is the new 'ealth and safety.

Anonymous 12 July 19 12:40

Surely the bigger concern is any non-dealing clauses/restrictive covenants he had in his previous contract with Wedlake Bell?

Anon 12 July 19 13:38

@Anonymous 13:09

Precisely. The issue is not the failure to use blind copy; it is taking contacts from his old employer. This could be criminal offence.

Anonymous 12 July 19 14:46

@Anonymous 13:09, @Anonymous @13:38

He only has problems if the SRA actually go after a senior lawyer for this. They seem to prefer hitting the soft targets.

Anonymous 12 July 19 19:07

Anon at 14.46: absolutely. He has committed an offence that's a given but whether anything will (and should) be done about it is something entirely different. 

Lawyer 13 July 19 11:57

Anyone who gets upset about this is a complete bell-end and should reassess their life priorities.

Anonymous 16 July 19 10:31

Everyone has made a similar mistake at one point or another.  Of course, there are GDPR implications and it's unfortunate and a bit stupid, but it's easily done and but nobody died.  Perspective and common sense should prevail here.

Spotty Lizard 16 July 19 15:26

It is important to stress that Wedlake Bell had no knowledge that Blair Adams had taken any client contacts from his Outlook account before he left the firm", he added, "other than those where client consent had been received".

And, of course, at no point in interviews did they ask the question, "What's your following, mate?". 

Anon 18 July 19 15:02

@ Anonymous 16 July 19 10:31

"it's easily done" - You mean downloading hundreds of contacts from your old employer? 

"nobody died" - Have you thought of becoming a defence lawyer? I can imagine the Magistrate being totally blown away by that argument in relation to a prosecution under s.170.

Related News