This article considers whether the current approach of the criminal law to the unauthorised disclosure of personal data is adequate to deal with situations in which this disclosure has facilitated the commission of some other criminal offence. It argues that the focus of the criminal law should be on the consequences of disclosure and that there are strong policy arguments in favour of imposing liability on the person making disclosure for the offence that has been committed as a consequence of this conduct. In doing so, the article considers whether this could and should lead to the imposition of liability for constructive manslaughter if the disclosure of personal data leads to the death of the person to whom the data relates. The article concludes by suggesting that the most appropriate response is to strengthen the existing law with creation of a new offence that would focus on the consequences of disclosure.