I didn’t see it at the time, but apparently Jeremy Clarkson published his own bank account details in a newspaper article to demonstrate that the loss of the Benefits database was not a big deal. Now he finds that someone has diverted £500 of his money to charity.
In principle, I think he was right, but I wouldn’t have done it. If any money is removed from your account without your permission it is the bank’s fault unless (maybe) you were negligent. The account number and sort codes, your name and address are not secret information. You require more information than that to withdraw or transfer money, but a lot of bank transactions still rely on unreliable signatures and I wouldn’t trust their diligence to check all that carefully.
They say that “The bank cannot find out who did this because of the Data Protection Act and they cannot stop it from happening again.” That is utter rubbish They may not be able to find out who because they probably don’t know who, if it was done by a forged signature, but any clues they do have are criminal evidence and not subject to data protection from the relevant authorities. I think they perhaps mean that they can’t tell Jeremy. I suspect that in this case, he will not be pressing for an investigation, but normally you should.
The flaw seems to be that some Direct Debit forms do not require a signature and the banks allow this. That is not banking, that is a welfare agency and they should be liable. I have never trusted the Direct Debit system, but I hadn’t realised that it was that bad.
It would have been even funnier if the donation was made to Friends of the Earth 🙂