Data Protection violation? What should I do?

[killahwhale]

The only information withheld was me confirming the individuals name. This was an initial way of me investigating further with BV.

Since then, all information has been revealed.

 

[harrys99]

I agree with Nifty, that employee should be terminated immediately.

The fact that the person has now contacted the OP and harrassed them shows a complete lack of propriety or professionalism. The fact that they didn't apologize or own up to their mistake says it all about going forward as an employee.

 

[dunover]

Appalling. Right there.

It is disgraceful behaviour of the highest order and the employee involved should be terminated immediately. In fact, I don't know why they haven't been already....to me, that shows that BV does NOT take this matter seriously.

I would submit a formal complaint to the relevant authorities and seek legal advice.

I would also contact Max and see what he can do via the PAB system, although I have a feeling it may have gone beyond that now. However, at least Max may be kind enough to pass it on to Bryan for his consideration and further action.

If everything reported thus far is true (I am a little concerned about what "information" the OP is withholding), and BV does not take serious punitive action against the perpetrator, and provide compensation, then their status should be reviewed.

It's tough enough keeping our personal information private without some cowboy giving a running commentary on our account activity to all and sundry. Disgraceful.

This is seriously bad IMO. I'm not a lawyer, and like any sensible person here I will not conjecture about the avenues open to the OP in a legal/complaint/redress aspect. All I do know is that this is a SERIOUS breach of the DPA which BV are obliged to follow if having UK customers' details.
I had an issue once less severe than this, and I will elaborate for comparison. I lived in a shared flat 20 years ago. I had the Cable Phone account in my name which I moved to my new address. A flatmate (who was a bit of a tool according to his acquaintances) worked for said Cable Company. Only me and my GF at the time knew my new address. 2 days after moving in he knocked on my door on a Monday evening asking for my share (about £7) of the last electricity bill. I had already made arrangements with the 3rd. person in the flat to pay this, and the bloke knew this. So he stood there smirking thinking he was clever, while I told him it was already arranged. Resisting the severe temptation to serve him 4 knuckles with 16 stones behind them I bid him a firm farewell.
Tuesday lunchtime I rang the Cable company and spoke to a manager quoting 'an important issue' and told him the story. A week later I met the other chap at the flat in town and paid him the £7 I had arranged. I didn't tell him what I had done, we had a chat and I asked how 'X' was. I had to bite my lip when I was told he had come home from work the last Tuesday afternoon having been 'made redundant'.

This was even before the DPA.

There have been a few cases of Police officers being dismissed for tracking ex-partners or their new partners, PLUS being criminally prosecuted. I find it incredible that this person at BV is in a position to contact the OP and ask them to withdraw the allegation. It smacks of BV saying 'if you sort it yourself you'll be OK'. This is really BV's preference, as if it's sorted between the two parties it indemnifies them against any legal comebacks effectively, and they will escape any censure and compensation to the OP.
This employee should be immediately suspended on full pay pending a company disciplinary, and inevitably dismissed. Terms of the suspension would be NOT to harass or contact the OP. Whether the person was friends or not with the OP it's still 'gross misconduct'.

There can be no halfway house here; the rogue employee has to go now BV are aware of their conduct. Whether the OP likes it or not.

 

[vinylweatherman]

Hey all,

It's nice to see BetVictor try to buff up their image a little but I've had no assurances for them about anything and although I'm advised this is the first time this has happened and they will deal with it from a company and personal perspective, they've thus far failed to answer any of my concerns.

I find Pauline's attempt to undermine my situation by talking about the length of time and the lack of information, to be quite honest, disgusting.

A breach of the Data Protection Act is a breach whether it happened today or 2 years ago and the full affects of the mistake on the part of the BetVictor employee have only become apparent to me of late.

In regards to 'lack of information' this was done purposely on my part to try and gage what would be done as this is a small community and I was worried - again, BetVictor did nothing to protect my anonymity or data and yesterday I was contacted by the individual, after they were approached at work, and harassed to withdraw my complaint.

I'm raging.

Clearly, he is not the slightest bit sorry for what he has done, so undeserving of another chance. It also illustrates WHY the OP was so reluctant to make a formal complaint, his personal safety WAS under threat, and the harassment has begun (which would now be a police matter), and it would ram home the message more if his employer took the initiative and told this individual that harassing the complainant does not just lose him his job, but gets a visit from the police.

 

[killahwhale]

I'm honestly stumped as to what to do. Bet Victor now won't deal with me and will only deal with this through the Gaming Commission (even though I haven't contacted them yet as I've had promises of contact from the head of CS at BV).

Honestly, I am mind blown by this.

I with I could let Victor know of how his staff were handling this!

If anyone wants to PM me with advice that they'd rather not post here I'd really appreciate that.

 

[dunover]

I'm honestly stumped as to what to do. Bet Victor now won't deal with me and will only deal with this through the Gaming Commission (even though I haven't contacted them yet as I've had promises of contact from the head of CS at BV).

Honestly, I am mind blown by this.

I with I could let Victor know of how his staff were handling this!

If anyone wants to PM me with advice that they'd rather not post here I'd really appreciate that.

You've hit the nail on the head. Why not write to Victor himself? Special delivery. He won't be hard to find on 192.com or similar. If you have irrefutable evidence of their 'indsicretion' why not issue a small claims summons? Then they will have to communicate with you. Make it clear this is NOT going to go away, as they hope by their obfuscation and stalling that it will. From what you've said the GC may not be the best avenue to pursue here, because this matter is governed by proper legislation as opposed to a government QUANGO like the GC. This is actually a prosecutable offence if you read the DPA, as opposed to GC jurisdiction.


Here is advice by the companies organization to UK businesses, concerning this type of situation:

What should I do if there is a security breach?

If, despite the security measures you take to protect the personal data you hold, a breach of security occurs, it is important that you deal with the security breach effectively. The breach may arise from a theft, a deliberate attack on your systems, from the unauthorised use of personal data by a member of staff, or from accidental loss or equipment failure. However the breach occurs, you must respond to and manage the incident appropriately. Having a policy on dealing with information security breaches is another example of an organisational security measure you may have to take to comply with the seventh data protection principle.

There are four important elements to any breach-management plan:

1. Containment and recovery – the response to the incident should include a recovery plan and, where necessary, procedures for damage limitation.

2. Assessing the risks – you should assess any risks associated with the breach, as these are likely to affect what you do once the breach has been contained. In particular, you should assess the potential adverse consequences for individuals; how serious or substantial these are; and how likely they are to happen.

3. Notification of breaches – informing people about an information security breach can be an important part of managing the incident, but it is not an end in itself. You should be clear about who needs to be notified and why. You should, for example, consider notifying the individuals concerned; the ICO; other regulatory bodies; other third parties such as the police and the banks; or the media.

4. Evaluation and response – it is important that you investigate the causes of the breach and also evaluate the effectiveness of your response to it. If necessary, you should then update your policies and procedures accordingly.

These issues are considered in greater detail in our Guidance on information security breach management. We have also produced Notification of Data Security Breaches to the ICO. This is guidance on:
•the circumstances in which we expect organisations to notify us of security breaches;
•the information we need in those circumstances; and
•what organisations can expect us to do after notifying us.

 

[killahwhale]

So, I went on to BetVictor Chat to talk to an individual today who has forbid me from posting that chat here.

I can't understand the reason why if I remove any identifiable information - Any thoughts?

They're keeping tabs on this thread anyway.

 

[killahwhale]

Probably best to clarify that there's nothing account specific nor is there any personal information relating to anyone involved.

However, the chat host did say categorically that they don't give permission for the chat to be posted here on Casinomeister.

 

[dunover]

Probably best to clarify that there's nothing account specific nor is there any personal information relating to anyone involved.

However, the chat host did say categorically that they don't give permission for the chat to be posted here on Casinomeister.

You mean you are FORBIDDEN to behave in any way similar to themselves lol...

I can understand that and agree it would be unwise to disseminate any stuff in public. Keep your nose clean, and stay in the right. Don't fall foul of any tricks that will liable you to counter-allegations.

TBH I wouldn't even bother CM with this matter. I'd suggest it is too serious and with all due respect Bryan and Max etc. aren't lawyers and this is not simply a clear-cut T&C or bonus/non-payment dispute. Although it stems from a Gaming company, I don't consider that strictly relevant. Whether a bank, casino, hospital or employer posts personal info. it is specifically covered in legislation outside the GC's jurisdiction. The GC is a revenue-collector.
I would recommend one of those '£5 for a half-hour' consultations with a lawyer and see where you stand and get a professional's perspective and suggestions on how to proceed. Play it by the book. You're OK so far, insomuch as you've revealed an outline of the circumstances on what you deemed at the time a relevant medium, and the offending Tweet.
You can sense the general consensus is massively supportive of you, and assuming the post is honest and accurate it would be a fair assumption that a lawyer and adjudicators would be too.
You can't really go further on here IMO. I'd take action and merely update us when you've had resolution. Someone does need to be hung out to dry for this.

 

[killahwhale]

Thank you so much for your post, perhaps I need to clarify I'm here for advice but mainly support. The Gaming Commission process is long and they have a backlog and go in order of receiving issues and BetVictor don't want to help me in anyway.

I suppose I feel alone in this process and given the small community and the fact that someone is going to lose their livelihood because of their and BetVictor's failure and I receive no support from anywhere...so I'm sharing my burden with you guys :

Lucky you!

 

[JackTenOff]

I've contacted the gaming commission once before, they were pretty quick responding but the issue wasn't as in depth or as serious as yours.
You could try contacting a lawyer who specializes in the Data protection act, a quick Google throws up

You do not have permission to view link Log in or register now.

Either way this is being handled terribly by BetVictor and I hope you get it sorted.

 

[Nate]

I agree that in principal the employee was hugely in the wrong. The OP claims to have been receiving harassing calls from the said employee, whilst I do not doubt what he is saying ... Can a call to apologise also be sensationalised as harassment to better the standpoint of the complainant?

I understand the BV cannot splatter their internal process all over the forum. They need to provide something in writing to the OP acknowledging the contact, incident and subsequent action taken against the offender. They also need to acknowledge that contact was made by the employee once again or reported to them. It could have been a courtesy call to say 'Sorry' although it does not lessen the severity of the case.

Nate

 

[vinylweatherman]

It appears they have closed ranks and gone into defensive mode. They have shut off all communications with the VICTIM in order to protect themselves from any fallout.

A complaint should be made to the Information Commissioner's Office, not the UKGC. This is not a gaming matter at all, but a personal data one. The UKGC will probably see this as outside their remit.

The ICO should act more quickly, and more DIRECTLY on this issue, as it is what they are there for.

Attempts to close ranks and protect themselves rather than help the victim recover from the damage caused by the breach will not go down well with the ICO.

This is not a mere technical breach either, the data was published on Twitter, which means in effect published to "the general public". If that wasn't bad enough, the employee was then able to contact the victim and harass and threaten them to keep quiet about the issue, with the employer seeming more interested in protecting themselves than the victim.

The later action (banning the posting of the chat) is all about furthering their aim of keeping this quiet so that the public in general (and especially their other customers) are kept in the dark about the potential risk to their personal data through what appears to be lax supervision of staff.

It's too late though, and these attempts to cover up what has already leaked out just make them look worse because we KNOW what they are trying to cover up.

 

[gibboplayer]

Hello

Quoting Nate: "Can a call to apologise also be sensationalised as harassment to better the standpoint of the complainant?"

Hi all. I am the one responsible for the tweet. Let me begin by saying that I am no longer employed by nor affiliated to in any way, shape or form to BetVictor. I have decided to comment to clear a few things up.

The above quote is correct, it was indeed sensationalised. I did not call the complainant, I spoke to him on Facebook chat (of which I have the records). I did not harass him to withdraw the complaint. In fact, I didn't even ask him to withdraw the complaint. I told him that I accept the consequences of my actions and pleaded him not to take legal action as my employment was surely going to be terminated (which it has). I said to him if he decides to withdraw the complaint, "I would be eternally grateful". We ended the conversation with my saying I would not bother him further, to which he replied "I will fight your corner not to get you fired. Despite your assertions, it's not inevitable."


Some have assumed that I have not apologized to the complainant, which is wrong. I have apologized constantly and sincerely since the incident happened a year ago. He accepted my apologies and even promised me that the screenshot had been deleted.

The complainant and I have been acquaintances after he moved to Gibraltar (he is not local and hardly knew anyone so I befriended him, therefore his argument about his reputation in a small community is invalid as he is not well known, but I am). We share very similar political views and contribute to a local political Facebook debate group and so we chat on Facebook, we crack jokes and so on.

The tweet was a genuinely naive error on my part for which I have accepted the consequences and apologise sincerely to the complainant, to the company and would like to extend it to every one on this forum. Please note that the Tweet was deleted shortly after and as it was a direct tweet and I only had a handful of followers on Twitter, very few people if any would have seen it.

So it would seem that this action is one of vengeance, for reasons unknown. It is unfortunate but it is the price I must be pay and I accept it. One hopes I can find another job to pay off my loan and take care of my family.

I have blocked the complainant from any and every method of communication possible so I cannot contact him further.

Thank you to all for taking their time to read my side, even if you do not agree with it. I have not come here to ask for your sympathy but to explain myself. I wish you all the best.

 

[Nifty29]

Quoting Nate: "Can a call to apologise also be sensationalised as harassment to better the standpoint of the complainant?"

Hi all. I am the one responsible for the tweet. Let me begin by saying that I am no longer employed by nor affiliated to in any way, shape or form to BetVictor. I have decided to comment to clear a few things up.

The above quote is correct, it was indeed sensationalised. I did not call the complainant, I spoke to him on Facebook chat (of which I have the records). I did not harass him to withdraw the complaint. In fact, I didn't even ask him to withdraw the complaint. I told him that I accept the consequences of my actions and pleaded him not to take legal action as my employment was surely going to be terminated (which it has). I said to him if he decides to withdraw the complaint, "I would be eternally grateful". We ended the conversation with my saying I would not bother him further, to which he replied "I will fight your corner not to get you fired. Despite your assertions, it's not inevitable."


Some have assumed that I have not apologized to the complainant, which is wrong. I have apologized constantly and sincerely since the incident happened a year ago. He accepted my apologies and even promised me that the screenshot had been deleted.

The complainant and I have been acquaintances after he moved to Gibraltar (he is not local and hardly knew anyone so I befriended him, therefore his argument about his reputation in a small community is invalid as he is not well known, but I am). We share very similar political views and contribute to a local political Facebook debate group and so we chat on Facebook, we crack jokes and so on.

The tweet was a genuinely naive error on my part for which I have accepted the consequences and apologise sincerely to the complainant, to the company and would like to extend it to every one on this forum. Please note that the Tweet was deleted shortly after and as it was a direct tweet and I only had a handful of followers on Twitter, very few people if any would have seen it.

So it would seem that this action is one of vengeance, for reasons unknown. It is unfortunate but it is the price I must be pay and I accept it. One hopes I can find another job to pay off my loan and take care of my family.

I have blocked the complainant from any and every method of communication possible so I cannot contact him further.

Thank you to all for taking their time to read my side, even if you do not agree with it. I have not come here to ask for your sympathy but to explain myself. I wish you all the best.

Vengeance was my first thought in regards to motive. Still, the motive is immaterial in the end, as you have lost your job, and I hate to say, rightfully so.

I would call on the OP to allow this person to post the Facebook conversation that they had where he accused this person of "threatening him" etc. If he has nothing to hide, he shouldn't have an issue with it. If he lied, he should be banned from here permanently.

One final thing....I personally think it is an act of pure nastiness on the OP's part to bring this up after a YEAR. Obviously, they weren't bothered about it at all....until now. I wonder what changed? Big losses perhaps? No more bonuses?

What you did was wrong, and you paid the price, but I would be pissed that someone waited this long to bring this up, for reasons that we may never know.

 

[Balthazar]

Vengeance was my first thought in regards to motive. Still, the motive is immaterial in the end, as you have lost your job, and I hate to say, rightfully so.

I would call on the OP to allow this person to post the Facebook conversation that they had where he accused this person of "threatening him" etc. If he has nothing to hide, he shouldn't have an issue with it. If he lied, he should be banned from here permanently.

One final thing....I personally think it is an act of pure nastiness on the OP's part to bring this up after a YEAR. Obviously, they weren't bothered about it at all....until now. I wonder what changed? Big losses perhaps? No more bonuses?

What you did was wrong, and you paid the price, but I would be pissed that someone waited this long to bring this up, for reasons that we may never know.

I don't think it's big losses or lack of bonuses because the tweet was sent after the OP had closed his account. I also agree that it was a cheap shot to make this thread one year after the fact. For some reason, I'm having a hard time to side with OP even though sending the tweet was wrong. Maybe it's just me but it appears like the BV employee sent a tweet to "his friend" in a friendly manner and OP sat on it for a year (obviously he didn't think that it was a big deal otherwise he'd have spoke sooner). Then, out of the blue, OP decides to use it? Hmm.

I, for one, tend to feel sorry for the BV guy here.

 

[Casinomeister]

If the OP had accepted the apology, then why is this now a public issue?

If the OP had truly accepted this apology, then this is absolutely in bad form from the OP's corner. I was under the impression that we had a rogue employee exploiting players' personal info. A different picture has been painted now.

 

[killahwhale]

I've stated over and over again, I only felt the need to report this when it affected my private life negatively and when I realised the full implications of what had happened and had caused nealgativity in my private life.

I've been advised not to post the Facebook Chat on here as the case is being dealt with and this thread will of course be referenced too.

I am not a vengeful person and if this were out of vengeance it would have happened immediately. I did not at any point request the employee to be fired and I did everything I could to prevent that and made it clear to BetVictor that this was absolutely not a wish of mine.

The fact is the law was broken and it caused me issues and I had to act for my own protection and it's now being dealt with by the proper authorities.

The individual may have lost his job, and I am truely saddened by that but the law was broken and that's the case.

The dishonesty in the post above is laughable - I was contacted by the individual and begged to withdraw my complaint and they attempted to use emotional topics to persuade me.

While the post above may suit the person who just got let go for breaking the law, I am a victim of his stupidity.

 

[gibboplayer]

I've stated over and over again, I only felt the need to report this when it affected my private life negatively and when I realised the full implications of what had happened and had caused nealgativity in my private life.

I've been advised not to post the Facebook Chat on here as the case is being dealt with and this thread will of course be referenced too.

I am not a vengeful person and if this were out of vengeance it would have happened immediately. I did not at any point request the employee to be fired and I did everything I could to prevent that and made it clear to BetVictor that this was absolutely not a wish of mine.

The fact is the law was broken and it caused me issues and I had to act for my own protection and it's now being dealt with by the proper authorities.

The individual may have lost his job, and I am truely saddened by that but the law was broken and that's the case.

The dishonesty in the post above is laughable - I was contacted by the individual and begged to withdraw my complaint and they attempted to use emotional topics to persuade me.

While the post above may suit the person who just got let go for breaking the law, I am a victim of his stupidity.

I would be more than happy to post the Facebook chat here, with your permission of course. I have nothing to hide. I didn't even ask you to withdraw it, let alone beg. I asked you not to take legal action. I have lost my job now (and rightfully so). Here's a question for the sake of clarity for the other members of this forum, why did you report it after a year?

 

[killahwhale]

If it was for vengeance of something conceited, I would have been after something like money - that's not the case in the slightest.

My only request to BetVictor was for the person to he trained and I did everything possible to protect their identity here, with BetVictor and where possible with the GRA the GGC.

Admittedly I did accept an apology when it initially happened without fully understanding the implications a simple tweet could have on private life. I've been clear from the start that the tweet was months ago but that the effects of the tweet that was seen at the time have only been made clear to me now.

I will be happy to provide the Facebook conversation from after I reported the incident once I've spoken to the GRA this afternoon - All personal info (such as names or identifiable information) will be removed but everything else will stand as is.

 

[gibboplayer]

If it was for vengeance of something conceited, I would have been after something like money - that's not the case in the slightest.

My only request to BetVictor was for the person to he trained and I did everything possible to protect their identity here, with BetVictor and where possible with the GRA the GGC.

Admittedly I did accept an apology when it initially happened without fully understanding the implications a simple tweet could have on private life. I've been clear from the start that the tweet was months ago but that the effects of the tweet that was seen at the time have only been made clear to me now.

I will be happy to provide the Facebook conversation from after I reported the incident once I've spoken to the GRA this afternoon - All personal info (such as names or identifiable information) will be removed but everything else will stand as is.

How did it implicate on your private life? The tweet was deleted after 10 minutes (I had a handful of followers and your Twitter account is protected) and after you accepted my apologies, you later promised that the screenshot had been deleted. If this was not planned vengeance, why keep the screenshot?

 

[killahwhale]

A breach of the law is a breach of the law.

As someone, bearly, I knew in this small community I was willing to brush it off and only recently has it come to have a negative impact on my private life to the point that it's caused damage to my family life that I couldn't have predicted - I have said this throughout the thread and to you personally when you messaged me asking me to withdraw my complaint and not to take legal action.

Once I have spoken to the GRA this afternoon I will seek advice on posting the Facebook conversation and the information in this thread and applicable Facebook messages will be shown to them if requested.

I have absolutely nothing to hide and have been an open book to BetVictor and the relevant authorities here.

 

[vinylweatherman]

I've stated over and over again, I only felt the need to report this when it affected my private life negatively and when I realised the full implications of what had happened and had caused nealgativity in my private life.

I've been advised not to post the Facebook Chat on here as the case is being dealt with and this thread will of course be referenced too.

I am not a vengeful person and if this were out of vengeance it would have happened immediately. I did not at any point request the employee to be fired and I did everything I could to prevent that and made it clear to BetVictor that this was absolutely not a wish of mine.

The fact is the law was broken and it caused me issues and I had to act for my own protection and it's now being dealt with by the proper authorities.

The individual may have lost his job, and I am truely saddened by that but the law was broken and that's the case.

The dishonesty in the post above is laughable - I was contacted by the individual and begged to withdraw my complaint and they attempted to use emotional topics to persuade me.

While the post above may suit the person who just got let go for breaking the law, I am a victim of his stupidity.

This is the problem with social media. One may think they are talking to a small audience, but like a forum, it is essentially a release to the general public. Employers also use sites like facebook to get an insight into the private life of a potential employee, and the same happens with Twitter. Deleting a posting only limits further damage. With social media, the most likely audience to see the post is often the audience that is closest to the person being referred to, and where the most damage is likely to occur. Certain topics are more sensitive than others, and certainly the fact that someone was on the verge of being dragged under by out of control gambling is a VERY damaging fact to reveal to close friends and family, and of course their employer. A user of social media should know this.

Although the employee has tried to clear the air, it appears that they and the victim strongly disagree on the facts. Sometimes contact to make an apology can backfire due to a misunderstanding, and appear to be harassment. It seems the victim in this case interprets the attempt as a "conditional apology" as it comes with pressure to stop pursuing the matter, and accepting the damage already done.

If the OP pursues the matter, it will be against the employer, the employee has already suffered the penalty for "gross misconduct" having been fired. The OP needs help in trying to minimise the impact of the damage already done, and this is hard because it is impossible for his family and friends to "unlearn" what has now been revealed about the OP's gambling.

What is still not clear is WHY this ex employee was sniffing around a closed account. For what job related purpose was this done? The whole thing started with an employee nosing around the database, and this is the bigger worry here, the fact that employees CAN do this, and only get found out when a complaint is made. Controls should be in place to monitor such access, and nosing around the data in a closed account should ring alarm bells with management, who should have already been dealing with the matter long before this became a data breach.

Had management caught this early, and given the employee the appropriate bollocking, it is unlikely they would have gone on to make that tweet. They would also still be in work, as the matter would not have been so serious.

 

[Balthazar]

Admittedly I did accept an apology when it initially happened without fully understanding the implications a simple tweet could have on private life.

1- How could your family members see a direct tweet that only appeared for a few minutes? Are they refreshing gibboplayer's twitter page non-stop? Were they magically logged in your Twitter account when he posted it? Were they following both of you?

2- Why the heck did you save it?

3- Why did it start affecting your life NOW instead of last year?


On top of that, it's not like the tweet is crystal clear. Someone who has no idea of what you did wouldn't know what that tweet was all about.

What a bunch of nonsense.

 

[gibboplayer]

What is still not clear is WHY this ex employee was sniffing around a closed account. For what job related purpose was this done? The whole thing started with an employee nosing around the database, and this is the bigger worry here, the fact that employees CAN do this, and only get found out when a complaint is made. Controls should be in place to monitor such access, and nosing around the data in a closed account should ring alarm bells with management, who should have already been dealing with the matter long before this became a data breach.

Had management caught this early, and given the employee the appropriate bollocking, it is unlikely they would have gone on to make that tweet. They would also still be in work, as the matter would not have been so serious.

The complainant informed me on Facebook chat during one of our casual conversations (again, this is all on record) that he had been gambling with BV and was going to self exclude the account. I told him I'd check his account when I was in next, to which he replied "ok". I acknowledge that I was completely in the wrong for looking at his account.

All I can say is I'm sorry.