On Wed, Jan 14, 2004 at 01:21:06PM -0000, Ben Cawley wrote:
> In fact, it took them 83 days to respond to my request, and when I
> did eventually receive something it was missing a lot of information
> that I think (though I am not 100% certain of this) they keep on there
> records system.
You did well.
I've made about 10 SARs to date. All but 2 of them took longer than this.
Most of them provided a tiny fraction of the information they had. (BT
for example supplied *two pages*!) There has only been one that I didn't
have to write back for (a) more data and/or (b) an explanation of the
data provided.
Several have ignored my correspondence entirely.
I've had to report 3 to the OIC so far.
The first, who supplied minimal information and told me they weren't
going to supply any more, the OIC accept aren't providing the info they
should, but have had no success in getting them to comply.
The second, who completely ignored me, the OIC forced to send me some
information, but again it was minimal, and neither they nor the OIC have
replied to my follow-ups on this.
The third I have heard nothing from the OIC regarding my complaint,
made at least 3 months ago.
These are a mixture of national utility companies, financial institutions
(banks, credit card providers), and large ecommerce retailers.
Data Protection compliance, for the most part, seems to be a complete
joke.
Being able to do anything about it as a Subject, likewise seems to be
a myth.
Tony
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
http://www.jiscmail.ac.uk/help/commandref.htm
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|