Housing biz made to pay £1.5k for sticking fingers in its ears when served a subject access request

| Author: Tony Imossi (Secretariat) | Filed under: General News
Housing biz made to pay £1.5k for sticking fingers in its ears when served a subject access request

If someone asks for their data, you give it to them, scolds ICO.

A Buckinghamshire housing developer has been forced to pay up £1,500 after ignoring a person's request for information the company held on them.

Using subject access requests (SAR), people can ask organisations to provide all the personal data held on them.

Under data protection laws, companies have 40 calendar days to respond, but Magnacrest failed to meet this time frame for a SAR it received in April 2017.

The individual, who had also included a cheque for £10 – the fee that organisations were allowed to charge for processing SARs before the GDPR made them free – then complained to the UK's data protection watchdog.

The Information Commissioner's Office sent the firm letters in August, September and October requesting that it respond to the individual, and the spoke to Magnacrest on the phone in September.

However, it failed to take heed, and the ICO issued an enforcement notice (PDF) ordering it to comply in January 2018.

However, Magnacrest failed to do so, at which point the ICO brought a criminal prosecution against the firm.

That case was heard on 6 February in Westminster Magistrates' Court, where the housing developer pleaded guilty to a charge of failing to comply with an enforcement notice.

Magnacrest was fined £300 for the inaction, and ordered to pay £30 for a victim surcharge and some £1,133.75 towards prosecution costs.

"The right to access your own personal information is a fundamental and long-standing principle of data protection law," said Mike Shaw, the ICO's criminal enforcement manager.

"Organisations not only have to respect this right but must also respect notices from the ICO enforcing the law. If they fail to do so then they must accept the consequences, which can include a criminal prosecution."

The General Data Protection Regulation, brought into effect in May 2018, made it free for people to make SARs. ®

Source:  The Register

Endorsed by the Law Society

The ABI is the only association in this industry to be endorsed by the Law Society of England and Wales, and included in the Law Society of Scotland's approved Supplier Scheme.

The highest independent professional bodies for solicitors put their trust in us. We’re confident you can do the same.

Law Society logo
Scotland Law Society logo
Thank you, your message has been sent.
A member of our team will be in touch shortly.
Loading...
Working...