<Home page <


13 October 2004

Mrs M E Manwaring Compliance Manager
The Information Commissioner Office
Wycliffe House
Water Lane

Your ref: RFA0029621

Dear Sir

Re: Data Protection Act

Thank you for your letter dated 24 September, yes I am disappointed but not in the least bit surprised and I take note you supplied the 'phone number for enquiries to the Parliamentary Ombudsman. Very reminiscent of the Lord Chancellor's office "if you don't like it take us to the High Court".

All past correspondence I have received from your office gives the distinct impression that no contact by the IC or his office, regarding my complaint, has been made to any other body outside of IC's office? I last wrote to you on 7 September and stated if I was not satisfied I would contact the Parliamentary Ombudsman. Nine days later, on the 16 September, the 'lawsociety.org.uk' and also 'parliament.uk' logged onto my web site 'www.solicitorsfromhell.com' and accessed in excess of 150 pages and you replied to my letter eight days later on the 24 September and as I said putting forward the Parliamentary Ombudsman's contact 'phone number. If I was a 'Bookie' I would say that it was 'odds on' that the Parliamentary Ombudsman has been 'knobbled' which would, outside of the Law Society, instigate a Steward's enquiry, coincidence?? I don't think so.

Back to your letter dated 24 September you state "Firstly, …I have been unable to identify an instance where you requested information from Mr Gray and it was not given".
I asked Jonathan Gray for a copy of or to direct me to the rule that that states solicitors are allowed to 'request' information from complainants' complaint files and where it states this can be done by 'non-secure' means (over the telephone) and used for unrelated purposes to the complaint.
Jonathan Gray also stated Richard Hegarty rang me during the evening to discuss with me an "issue" which I had "raised", I did ask Jonathan Gray what this 'issue' was (see my letter dated 1 July), as he appeared to know, but he failed to tell me.
In my letter dated 16 June penultimate paragraph, I asked Jonathan Gray why, as Richard Hegarty 'phoned me on 'Law Society business', he (Richard Hegarty) 'personally' and not the Law Society was trying to shut down my web site. I received no answer.
Also in my letter dated 16 June 2nd page 2nd paragraph I asked "Richard Hegarty already had my home address so why did he need further "contact information"???" no answer.
Same letter same paragraph I asked "However if Richard Hegarty was conducting 'Law Society' business you would expect that he would have contacted the OSS for information, remember he already had my address. So tell me, why did he request information from elsewhere and not the OSS (see copy of Aman Virk's letter dated 7 May that I sent to you)???" another question not answered.
Let me finish with three rules that, although I have continually quoted and the IC has refused to recognize. First is in the Law Society's Data Protection Notice and I have asked where it mentions that information/data can be passed by 'unsecured' means (over the telephone) 'All requests for information in accordance with this Code shall be in writing, addressed to the Chief Executive, and shall be signed by the person making the request'.
Second is a rule that concerns complaints' files. 'We will not use that information for any unconnected purpose without your consent'.
Third is in the IC's own rule book 'If someone wants to use your information for another purpose…you should be told about it and given a choice'.

You further state "Thirdly…. I have read the document relating to the telephone conversation between Thos Boyd Whyte and the OSS. There is no evidence that personal data about you was disclosed during that conversation". Please tell me where I said "personal data" was "disclosed during that conversation" and why would I say the OSS "disclosed personal data" to TBW when TBW already had all my "personal data"? What I did say concerned the misuse of information collected from my file in violation of the Law Society's Data Protection Notice and passed, again to a third party to be used for an 'unrelated purpose' to my complaint, I was not told nor was my permission given. Let me once again quote the Law Society rule concerning complainants' complaint files:-
Data Protection Notice
We will use the information you give us to investigate your complaint. We will not use that information for any unconnected purpose without your consent. We will have to reveal your information to the firm or solicitor you have complained about. We may also have to reveal that information to our agents (people acting on our behalf) and to others involved in: The IC's rule states "If someone wants to use your information for another purpose…you should be told about it and given a choice". You will also notice that there is no reference to solicitors being allowed to 'request' information from complainants' files and if there were, let me quote the rule regarding the 'requesting' of information which you will notice does not include the use of the telephone: - All requests for information in accordance with this Code shall be in writing, addressed to the Chief Executive, and shall be signed by the person making the request. The IC is trying to cover the word 'request' with the word "reveal" which refers to the OSS 'revealing' information from a complaints file during an investigation, in my case information was illegally 'requested' and illegally given by the Data Controller over a year prior the investigation. Please explain the meaning of these rules or if they have any relevance as far as the IC is concerned? Let me again quote Lord Falconer "…a complainant is somebody who doesn't quite understand the procedures, therefore must be wrong".

As I see it Richard Thomas should apply the rules how they are written and only a court ruling can interpret the meaning, as was the rule ("…not of sufficient sophistication to provide the same or similar…") applied to stop me collecting information that I should have previously been informed of and my permission granted before 'unrelated' information was given out. The rules are clear on the procedures for the collection of data/information and nowhere in the rules does it say this can be done by 'unsecured' means (over the telephone) and it clearly states the 'purpose' for the use of such data must be given. Oh yes, Richard Thomas is deliberately ignoring is own rules "If someone wants to use your information for another purpose…you should be told about it and given a choice".

Further more, Richard Thomas states that the 'Data Controller' is any or all members of the Law Society Board (100 plus?). First nowhere in the rule book can I find that it states that a 'Data Controller' can use information from files for their own personal use, as Richard Hegarty did, and the information in a complainant's file can only be used in relation to that complainant's complaint. Back to the Law Society's '100 plus Data Controllers' in charge of the CCS's complaints filing system, I'm sure your English grammar is far better than mine but the rules all state, when referring to data held, 'the Data Controller' clearly 'singular' so how can Richard Thomas replace the 'singular' with the 'plural' by saying the Law Society have 100 plus Data Controllers based all round the UK in charge of the CCS's complaints filing system that is kept at Leamington Spa, Warwickshire? Richard Thomas must be aware of a precedence he is creating for all firms and businesses in this country, for instance everyone within a firm/business could be the Data Controller with the freedom to use personal information and pass/collect it to/from others, by unsecured means (over the telephone), to use for any purpose they like. From now on an individual's private and personal information within multi national companies can be verbally passed around associated companies and used by anyone for personal gain of these companies or other individuals just as Richard Thomas states the Law Society are being allowed to do.

Richard Thomas has stated the reason Richard Hegarty collected my personal details was so he could 'phone me at home during the evening to discuss with me an 'issue' which I had 'raised'? Richard Thomas knows what this 'issue' is that he and Aman Virk say was "Law Society business", so if he could as I did previously ask say what this 'issue' was may be it might justify Richard Hegarty's illegal collection of my personal details. You state regarding Richard Hegarty's collection of my personal data that without evidence you cannot make an assessment. This is at present with the LSO when I get the necessary information I will come back to you.

I have enclosed part copy of a letter I received from the DCA and as you can see it states the 'data controller' "is a "person…"" clearly 'singular' so tell me how can the IC state the OSS have a 100 plus Data Controllers keeping complaint files in a "secure" environment? As you must know the Data Controllers' must comply "with an enforceable set of good information handling rules known as the eight data protection principles" which, as I understand, is the Information Commissioner's job to 'enforce'. Let me now quote:-
Data Protection Act 1998
1998 Chapter 29 - continued
An Act to make new provision for the regulation of the processing of information relating to individuals, including the obtaining, holding, use or disclosure of such information.

…data controller" means, subject to subsection (4), a person who (either alone or jointly or in common with other persons) determines the purposes for which and the manner in which any personal data are, or are to be, processed;
Again the Data Controller is referred to in the 'singular' and the protocol for "obtaining, holding, use or disclosure of such information" from the OSS held complaints files are very clear. May be the IC needs guidance on how to apply the rules in a fair and just way!

Yours sincerely