8 April 2004DA3 7HE
Mr Bob Stanley
Information Compliance Manager
113 Chancery Lane
London WC2A 1PL
Your Ref. sa/bs/251
Re; Application for information
Thank you for your letter dated 1 April '04.
First let me say that under the rules of the Law Society's Data Protection Notice the information I am seeking should have been sent to me at the times third parties requested information on me. This was a failure by the 'Data Controller'. As I am now seeking the information for the periods mentioned I fail to see why any court ruling would have any effect on the failure of a Data Controller to carry out his duties in a correct and legal fashion, if so, you would need to explain it to me.The information I am seeking in the first instance concerns information that was passed to Thos Boyd Whyte Solicitors on the 7/8 June 2000 by the OSS/Data Controller as Doc.1, a memorandum written by my Solicitor at the time, Tula Fitzpatrick, clearly shows information was collected by her which was before my complaints file became live also this information was used for unrelated purposes to my complaint. According to Lord Falconer the Data Controller " has to make sure that all the data processed always complies with an enforceable set of good information handling rules known as the eight data protection principles (The term "processing" covers the obtaining, holding, use and disclosure of data)".
Thirdly, concerning Richard Hegarty you state "I do not understand the point ". Simple, if you read Doc.3 a letter I wrote to Richard Hegarty, highlighted in yellow, you will see he has collected information on me from, I assume, the OSS/Data Controller which is long after my complaints file was serviced and closed. It would appear the OSS/Data Controller has given out data that was 'unrelated' to my complaint to person(s) who were also 'unrelated' to my complaint from a file that was closed.
Finally and unless you can supply the data I am asking for it would appear the information that was 'freely' given was done over the telephone to people who the OSS/Data Controller only 'assumed' they were who they said they were which means data that related to me was passed to an 'unsecured' source which amounts to a total violation of " all the data processed always complies with an enforceable set of good information handling rules ". In my case what do you do? You enforce the rules by asking for proof of ID, inform me there is in effect a 40 working day period before I can expect a reply (to people you assumed were solicitors you did this 'instantly' on the 'phone, Doc.1). You charge an OAP £10 for information that should have been given at the time but you violated the rules by failing to inform me that data was being collected, the purpose and who was collecting it all without my permission yet you gave this data to people you could only 'assume' were who they said they were free of charge. You are now telling me the data you illegally gave to an 'unsecured' source and about which you failed to inform me at the time, you now say " the documents to which you refer would be outside the Data Protection Act and not caught by a subject access request".
Lord Falconer talks a lot about 'transparency in the legal system' I would say his 'transparency' is comparable to those distant 'London Smogs'.
If there is anything you don't 'understand' just ask.
X X Xxxx