Information Commissioner's Office Reviews 500

Called about raising a complaint against a company that has breached my data and despite me calling numerous times to register the complaint and chase up a response the ICO stated I need a paper trail and should go back to the organisation that has not replied to these requests for a written response and ask the for a written response to take back to the ICO muppetry at its best

I raised a complaint to the ICO asking for them to confirm that a data breach had occured and what type of data breach / which part of the law related to this.

The organisation who breached my data had already admitted the data breach in writing and reported themselves to the ICO and put improvements in place. Howevr once I asked for compensation the organisation engaged an aggressive solicitor to defend them and deny their responsibility.

The ICO apparently looked into my complaint, and wrote me a letter whch stated very little and which did not answer my question as to whether a data breach had occured or not, just that they were satisfied with the actions of the organisation.

The ICO clearly discussed the sitaution with the organisation concerned's solicitor. The organisations solicitor waited until the exact date of the ICO's response to reply to me. Their reply denied any data breach and relied upon the ICO's response to proove this.

The whole situation was a total set up. The ICO is not objective or impartial. It appears to site with organisations and I am not sure what the poinf of them is. Their website states what should and should not happen and describes aspects of the law. Yet those working for the ICO appear to be unaware of the actual data protection legislation. It is totaly pointless. I now have to go to the ombudsman and my MP.

Corrupt? I don t know but think so.

I had an open`n`shut case of a letting agent deleting ALL my data when I raised an SAR to get my data. ICO investigated, and the agent then lied to them (and me),breaching yet more GDPR rules. ICO scheduled a magistrates court hearing(which was postponed twice).
The day before the third hearing, the agent met with ICO, the outcome being that the agent pleaded guilty, ICO gave a caution and dropped the court hearing.

Reasons:
a. `1st offence. The 1st offence option is for minor breaches not deliberate malicious deletion of data when requested via an SAR.
b. `Not in the public interest`. It certainly is as the agent knowingly, intentionally and deliberately deleted my data. I have my strong suspicions as to why which I told ICO. The public should know that the agent has contempt for the law.
`LET OTHERS BEWARE` JUSTIFIES THE COURT CASE.

Not only has the agent escaped a criminal record, I have been denied substantive compensation.

I appealed, within a couple of days the review (no appeal facility) said everything was done correctly. So Quickly???

The meeting was the equivalent of a court case where the defence had free reign to put their case whilst I, the victim, was not allowed to attend to present my prosecution case. ICO totally and deliberately ignored me, the victim. Justice? A total travesty of justice.

A millionaire businessman gets away with a minor slap on the wrist while I, a pensioner, get no justice, no compensation.

Trying to call and just cutting off the public now, but verified their payments team answered instantly 🤮

Another con!
I've just paid them £40 to avoid a fine only to be informed that they won't provide me an invoice!
Why do we conform to these ridiculous scams!!

A pathetic money grab by a useless organisation.
why should i pay money to not break a law?

If you are a member of public and you have been given live threatening medication TWICE from the NHS.

Clear breaches of data protection with with misuse of your personal data. Clearly.

The ICO carry on letting these Doctors commit murder and can carry on doing it to others or passing on Cancer, heart and stroke deaths as Covid. These doctors get a bonus for this to get waiting times down. Or cancer waiting times down ect or don't have to pay money to treat people. This is all because of money. Disgusting...

I'm still alive and avoided death from the NHS to tell my story. The ICO are allowing BENT DOCTORS WHO GET BONUSES FOR KILLING PEOPLE. OR COVING UP PEOPLE'S MEDICAL DETAILS AND REPORTS WHICH I HAVE CLEAR PROOF OF IN MY CASE.

Be careful with what medicine Doctors give you. They get a bonus for handing out some medicines. Seriously.

There are hardly any good doctors left in this BENT SECRET FASCISM NHS anymore. All wanting a bonus in there pay packets so the nhs don't spend money on helping people. DEMOCRACY (7.5 million people waiting for treatment in England). OR BEING KILLED.

WHEN SOMETHING GOES WRONG AND YOU MAKE COMPLAINTS. THE NHS TRY KILLING YOU AND TURNS TO FASCISM. NO JOKE. SECRETS OF MESSING WITH YOUR MEDICAL FILES WITHOUT TELLING YOU. LATER ON YOU FIND OUT BECAUSE I HAVE THE FULL REPORTS AND MRI IMAGES. MISSING INFORMATION ON DIAGNOSIS Sheets LATER ON.

Different doctors can't care for you properly because medical information is missing...

THE PENTAGON IN AMERICA DO THE SAME WHEN THREATHING PEOPLE OR WITNESSES. IT'S A CRIME

HERE IN ENGLAND. MURDER OR ATTEMPT OF MURDER IS A CRIME. DOCTORS ARE TOLD AND TRAINED IN A WAY WHICH IS NOT FIT FOR PURPOSE ANYMORE.

SOME DOCTORS ARE HUMAN. YOU WONDER WHY ALOT OF THE GOOD DOCTOR LEFT THE NHS.

IF A NEW DOCTOR WON'T LOOK AT YOUR MEDICAL Records THAT YOU HAVE AND ARE MISSING. CHANGE TO SOMEWHERE ELSE STRAIGHT AWAY. IF THE PRACTICE IS RELUCTANT ON GIVING YOU YOUR MEDICAL RECORDS. SOMETHING IS DODGY AND THE MEDICAL RECORDS ARE LEGALLY YOURS...

MAKE SURE WHEN GETTING MEDICAL RECORDS THAT THEY ARE FULL REPORTS AND NOT SHADDY REPORTS WITH WRITTEN BY THE GP. FOR EXAMPLE. A FULL MRI SCAN REPORT. NOT A SHADDY GP REPORT.

DONT WASTE YOUR TIME WITH THE ICO. THEY JUST LET IT CONTINUE.

ONE RULE FOR DEMOCRACY UNTIL SOMETHING GOES WRONG.

IM NOT JOKING...

So interesting to see how Nigel Farage managed to expose his Coutts/NatWest experience and how swiftly he got results! For the majority of us who are just ordinary citizens without any claim to fame, we appear to be at the mercy of gross incompetence on the part of the the ICO, clearly illustrated by Trustpilot summary 97% "BAD" 1*/5. We note that Elizabeth Denham, at the time earning more than the PM, directed the ICO for 5 years without even having a legal qualification! Now since 18 months under John Edward, previously Information Commissioner Data Protection New Zealand, we see again, judging by the reviews, that little has changed. However, what is amazing is how many Culture Secretaries there have been in the last few years, apparently10 since 2010, who clearly have done absolutely nothing to improve either the organisation or it’s service. Nadine Dorries, who replaced Oliver Dowden, in 2021-22, has recently joined the Daily Mail staff and obviously thinks we are more interested to read about her childhood rather than why she, amongst others, failed to report or note the obvious inadequacies/low ratings of the Data Protection Regulator-ICO to Parliament, which is a part of DCMS duties/responsibilities.
It seems somewhat useless to have an organisation supposedly governed by laws/regulations, whereby in reality we continue to blatantly see, that for the most part judgement is always in favour of the organisations and not for the helpless individual…..myself included!
……….Well at the end of the day I suppose we can’t all be called Nigel Farage…….however it remains to be seen as to how long it will be before we actually have a Culture Secretary who is prepared to finally do something about this totally unacceptable and deplorable situation.
July 2023

Every single data breach, I have bought to the attention of the ICO, with evidence even ones admitted by a company that they have breached my data and failed to comply with the Data Protection act and evidenced, is never dealt with by the ICO. What is the point of them? I have training in GDPR and know the Data Protection Act. The ICO appear to not know it.

Can you imagine if we all didn't do our job? We wouldn't get paid. Why are the ICO any different? Misconduct in a public office comes to mind and nonfeasance behaviour.

The organisation I complained about broke the law by ignoring an erasure request and then, based on evidence (which I supplied to the ICO), knowingly provided an untrue reason as the 'purpose of processing' for refusing to comply with the erasure request. The organisation made further untrue claims that the ICO allowed without any scrunity and without requesting evidence.

The decision by the ICO was that the organisation had abided by the principles of the law.

The ICO's outcome is absolute rubbish becase:

1. The law states that the organisation must provide a response to requests under GDPR within 1 calendar month. I didn't receive a response until 8 months later, and only received a response after the ICO contacted the organisation. By not responding within the statutory time period is in breach of the law.
2. If an organisation provides a dishonest reason as the purpose of processing, that is in breach of Article 15(1a).

Breaching = breaking the law, and to break the law is not abiding by the principles of the law. The ICO was provided with very compelling evidence that would leave no doubt that the organisation had broken the law.

Afterwards, I asked the ICO:

"if an organisation provides untrue reasons for purpose of processing data, please could the ICO explain to me how this is abiding by the law?"

The ICO reused to answer the question.

After seeking a review of my complaint, this is what I was advised:

"The legislation obliges us to investigate to what is, in our view, an appropriate extent, and to provide you with an outcome."

Note: only have to provide an outcome.

I was also advised that the ICO does not forensically look at the evidence and the ICO's outcome is not a legal judgement - therefore, it has no legal relevance at all.

Like many others, based on comments I've read, I was also advised by the ICO to seek legal advice, which makes me wonder what is the point of the ICO?

Many companies/organisations fully abide by data laws but still have to pay the ICO a subscriptions, yet no action is taken against many companies/organisations that flour the law. Based on my research, it appears that the ICO only takes action against the big companies where they can issues fines in the £millions. Make of it as you will!

The ICO is not fit for purpose and should be abolished.

If you removed the dead wood from this tree, the only thing left would be the space.
That space would be of infinitely more use than the ICO.

EA has kept my data against my will and won't remove my details, with constant copy and pastes instead of properly replying. I reached out to the ICO for help as I wanted my account to be deleted on EA so that they no longer housed my data and the ICO essentially just said there's nothing they could do due to the terms from EA. What's the point of the ICO, if you can't even fight companies who are housing data when I've requested it to be removed?

ICO should be Government run with accountability, not by a private company whose interest is only for their patrons, peoples financial and personal data being collected and stored by private companies who are regulated by their own funded private company "ico"

Tried without success to report a data breach. They basically want the person reporting it to do ALL the work. Ffs don’t waste YOUR time calling these clowns. Just hack it and let them deal with Fallout. Waste it time.

I was absolutely right about a company's non-compliance with information and data rules; however the predisposition of the ICO is not to assist a consumer and in my direct experience, side with a company. My case officer as a matter of fact did not know the rules. When corrected on several occasions, he rushed to produce a mistaken conclusion.

The way the ICO works is a conclusion is unappealable, so a mistake is hard-coded into the system with no scope for correction. So what is the point of a quango that does not read, understand or enforce the rules of the area it has responsibility for?

UPDATE: 26 JULY 2024 Absolutely no response from ICO, an entirely unaccountable organisation without shame it might appear

They ask for payment of an another annual tax. Look for exemptions and try refrain from paying this bureaucracy fee.

Completely incompetent. Asked for a manager's review. After 2 months called and asked where this was. Oh they forgot to press 'send' on the email. It was in drafts. When I said 'that's ridiculous'. The call handler put the phone down on me saying 'I don't have to put up with that'. I phoned back and asked if they recorded the conversation as the phone handler was being ridiculous - but no they do not. The whole system is completely broken. I cannot believe I pay these people's salaries. What a waste of time and money. That and they seem to have an extremely limited view of data protection.

Totally corrupt. Police published unsubstantiated disclosures about me for nearly two years, whilst refusing to do an investigation. When they were forced to do an investigation, they found out they had no basis to produce the disclosures and removed them. Pure lies. Suggested I was a pervert because I happened to get a female GP on a triage line after a sexual assault and had to tell her about it. ICO spent nearly 2 years on the case, then closed it without telling me, and said they had no recommendations as police had now removed the disclosures. I appealed it and obtained an equally unsatisfactory response.

Various complaints to the ICO closed with inadequate reasons including for two companies that personal data was not breached despite evidence provided clearly showing as much.

Complaints regarding kids sensitive health data closed with advisement that details are retained for their intelligence and yet months later the organisations are still leaking the data.

Further, their own website breaches PECR and GDPR laws.

I call them, and I submit two complaints they do not even read or spend their time working they want to relax and keep their salary for no work. the service rated Zero and even Zero bigger than them