Anyone have DPA knowledge?
Discussion
I'm having a bit of bother with a website that is publicising my home address against my wishes.
The site offers a "free removal service" but they then demand a phone number, full DOB, email address etc. which is information I doubt they have, so I have provided only part of my number and DOB. They have refused to remove my record from the site or search results and will have no further discussion unless I pay a fee. The reason they give is that the information provided was false and they could not therefore identify the data subject. The information provided isn't false, it is partially redacted to prevent people like them from abusing it.
However, they have updated their website stating that I am at the address as of today, based upon the fact that I have contacted them! So they are obviously sure enough who I am to do that!
It appears to be a scam to be honest. They either get more personal information about people which they will no doubt find a way of exploiting or when people won't provide it they charge a fee for further consideration of the matter.
The ICO has said they'll look at it but that the process is fairly slow. The registrar of the site and web host have said they will act only when legally required to do so or when their T&Cs have been breached.
I would like to stop these people using my personal information as swiftly as possible,. Any pointers from someone in the know would be appreciated.
The site offers a "free removal service" but they then demand a phone number, full DOB, email address etc. which is information I doubt they have, so I have provided only part of my number and DOB. They have refused to remove my record from the site or search results and will have no further discussion unless I pay a fee. The reason they give is that the information provided was false and they could not therefore identify the data subject. The information provided isn't false, it is partially redacted to prevent people like them from abusing it.
However, they have updated their website stating that I am at the address as of today, based upon the fact that I have contacted them! So they are obviously sure enough who I am to do that!
It appears to be a scam to be honest. They either get more personal information about people which they will no doubt find a way of exploiting or when people won't provide it they charge a fee for further consideration of the matter.
The ICO has said they'll look at it but that the process is fairly slow. The registrar of the site and web host have said they will act only when legally required to do so or when their T&Cs have been breached.
I would like to stop these people using my personal information as swiftly as possible,. Any pointers from someone in the know would be appreciated.
Well, let's look at the seven principles:
used fairly and lawfully - was consent given for them to have this information in the first place?
used for limited, specifically stated purposes - if consent was given, for what stated purpose was it, and have they exceeded that?
used in a way that is adequate, relevant and not excessive - is this excessive use, again, what initial consent was there?
accurate - I think we can assume that it is at least accurate otherwise you wouldn't have a complaint
kept for no longer than is absolutely necessary - again, what was the initial purpose for this information, do they still have a legitimate reason for keeping it?
handled according to people’s data protection rights - if it is marketing related, you do have a legal right to request its deletion.
kept safe and secure - err, Hell no if it's on a public web page.
not transferred outside the UK without adequate protection - again, it's on a web page, so you could argue that if it is browsed outside the UK, it has effectively been transferred without adequate protection.
If you can ascertain an address, send a letter (recorded delivery) stating which parts of the DPA you believe them to have violated, and indicate that you have the ICO involved. A colleague has just got his information corrected and a few £100 'good will' out of a utilities company using this approach.
Good luck,
Mick
used fairly and lawfully - was consent given for them to have this information in the first place?
used for limited, specifically stated purposes - if consent was given, for what stated purpose was it, and have they exceeded that?
used in a way that is adequate, relevant and not excessive - is this excessive use, again, what initial consent was there?
accurate - I think we can assume that it is at least accurate otherwise you wouldn't have a complaint
kept for no longer than is absolutely necessary - again, what was the initial purpose for this information, do they still have a legitimate reason for keeping it?
handled according to people’s data protection rights - if it is marketing related, you do have a legal right to request its deletion.
kept safe and secure - err, Hell no if it's on a public web page.
not transferred outside the UK without adequate protection - again, it's on a web page, so you could argue that if it is browsed outside the UK, it has effectively been transferred without adequate protection.
If you can ascertain an address, send a letter (recorded delivery) stating which parts of the DPA you believe them to have violated, and indicate that you have the ICO involved. A colleague has just got his information corrected and a few £100 'good will' out of a utilities company using this approach.
Good luck,
Mick
Answers below in caps for clarity, I'm not shouting.
used fairly and lawfully - was consent given for them to have this information in the first place?
I SUSPECT THEY GOT THE INFO FROM COMPANIES HOUSE. I MUST BRIEFLY HAVE BEEN A DIRECTOR REGISTERED AT THE ADDRESS.
used for limited, specifically stated purposes - if consent was given, for what stated purpose was it, and have they exceeded that?
I WOULD HAVE GIVEN IT BECAUSE I WAS LEGALLY REQUIRED TO AT THE TIME.
used in a way that is adequate, relevant and not excessive - is this excessive use, again, what initial consent was there?
IT COULD ONLY HAVE BEEN COMPANIES HOUSE. I NEVER GIVE OUT MY PERSONAL ADDRESS AND I HAVE ALWAYS OPTED OUT OF THE ELECTORAL ROLL (PUBLIC)
accurate - I think we can assume that it is at least accurate otherwise you wouldn't have a complaint
kept for no longer than is absolutely necessary - again, what was the initial purpose for this information, do they still have a legitimate reason for keeping it?
THEY HAVE NEVER BEEN GIVEN IT, THEY MUST HAVE HAD IT FROM COMPANIES HOUSE.
handled according to people’s data protection rights - if it is marketing related, you do have a legal right to request its deletion.
IT WOULD SEEM TO BE IN USE TO DRAW PEOPLE TO THE SITE TO SELL THEM MORE DATA.
kept safe and secure - err, Hell no if it's on a public web page.
IT IS NOT BEING KEPT SAFE AND SECURE.
not transferred outside the UK without adequate protection - again, it's on a web page, so you could argue that if it is browsed outside the UK, it has effectively been transferred without adequate protection.
QUITE
If you can ascertain an address, send a letter (recorded delivery) stating which parts of the DPA you believe them to have violated, and indicate that you have the ICO involved. A colleague has just got his information corrected and a few £100 'good will' out of a utilities company using this approach.
THIS OUTFIT OPERATES OUT A NEW BUILD HOURING ESTATE IN (AS I RECALL) BOLTON. I THINK THE OWNER IS A PRIVATE DETECTIVE WHO HAS DECIDED TO BRANCH OUT BY PIMPING PEOPLE'S PERSONAL DETAILS.
Good luck,
Mick
[/quote]
TheHound said:
Problem is if it was registered with companies house you will probably find the information listed on a number of legitimate websites;
companycheck.com
companydirectorcheck.com
companiesintheuk.com
192.com
etc
Possibly, but there are no Google search returns for my name at the address.companycheck.com
companydirectorcheck.com
companiesintheuk.com
192.com
etc
Furthermore IF it was from companies house the data is years old. It was provided to companies house for a specific purpose and has not been updated. This outfit is saying I am there today and doing so publicly and via a Google search.
What's the big secret? The postman knows where you live. OK, if you are a Bond Villain and your address is Number 1, Secret Evil Base Inside a Hollowed Out Volcano With All Monorails And Lasers And Stuff, you might have a beef, but otherwise, why bother?
This is a bit like people blanking out their car registrations when posting photos of jalopies. Kinnell, anyone walking past can see the number.
This is a bit like people blanking out their car registrations when posting photos of jalopies. Kinnell, anyone walking past can see the number.
Breadvan72 said:
What's the big secret? The postman knows where you live. OK, if you are a Bond Villain and your address is Number 1, Secret Evil Base Inside a Hollowed Out Volcano With All Monorails And Lasers And Stuff, you might have a beef, but otherwise, why bother?
This is a bit like people blanking out their car registrations when posting photos of jalopies. Kinnell, anyone walking past can see the number.
Hey dhead! Stop giving out my address! Erm, mwuhahahha. Etc.This is a bit like people blanking out their car registrations when posting photos of jalopies. Kinnell, anyone walking past can see the number.
Breadvan72 said:
What's the big secret? The postman knows where you live. OK, if you are a Bond Villain and your address is Number 1, Secret Evil Base Inside a Hollowed Out Volcano With All Monorails And Lasers And Stuff, you might have a beef, but otherwise, why bother?
This is a bit like people blanking out their car registrations when posting photos of jalopies. Kinnell, anyone walking past can see the number.
Actually the postman seems to be one person who doesn't know where I live, but that's another matter.This is a bit like people blanking out their car registrations when posting photos of jalopies. Kinnell, anyone walking past can see the number.
The "big secret" as you put it is that I don't want my home address to come up when someone searches my name. In part it is about privacy but also I have in the past had a nutter trying to find me. He only managed to find the address registered to one of our domain names. I don't want to make it easier for future nutters to find me.
Breadvan72 said:
What's the big secret? The postman knows where you live. OK, if you are a Bond Villain and your address is Number 1, Secret Evil Base Inside a Hollowed Out Volcano With All Monorails And Lasers And Stuff, you might have a beef, but otherwise, why bother?
This is a bit like people blanking out their car registrations when posting photos of jalopies. Kinnell, anyone walking past can see the number.
Happy to post your address then?This is a bit like people blanking out their car registrations when posting photos of jalopies. Kinnell, anyone walking past can see the number.
Eleven said:
I SUSPECT THEY GOT THE INFO FROM COMPANIES HOUSE. I MUST BRIEFLY HAVE BEEN A DIRECTOR REGISTERED AT THE ADDRESS.that?
I WOULD HAVE GIVEN IT BECAUSE I WAS LEGALLY REQUIRED TO AT THE TIME.
IT COULD ONLY HAVE BEEN COMPANIES HOUSE. I NEVER GIVE OUT MY PERSONAL ADDRESS AND I HAVE ALWAYS OPTED OUT OF THE ELECTORAL ROLL (PUBLIC)
If that's the case, then the information is in the public domain.I WOULD HAVE GIVEN IT BECAUSE I WAS LEGALLY REQUIRED TO AT THE TIME.
IT COULD ONLY HAVE BEEN COMPANIES HOUSE. I NEVER GIVE OUT MY PERSONAL ADDRESS AND I HAVE ALWAYS OPTED OUT OF THE ELECTORAL ROLL (PUBLIC)
TooMany2cvs said:
Eleven said:
I SUSPECT THEY GOT THE INFO FROM COMPANIES HOUSE. I MUST BRIEFLY HAVE BEEN A DIRECTOR REGISTERED AT THE ADDRESS.that?
I WOULD HAVE GIVEN IT BECAUSE I WAS LEGALLY REQUIRED TO AT THE TIME.
IT COULD ONLY HAVE BEEN COMPANIES HOUSE. I NEVER GIVE OUT MY PERSONAL ADDRESS AND I HAVE ALWAYS OPTED OUT OF THE ELECTORAL ROLL (PUBLIC)
If that's the case, then the information is in the public domain.I WOULD HAVE GIVEN IT BECAUSE I WAS LEGALLY REQUIRED TO AT THE TIME.
IT COULD ONLY HAVE BEEN COMPANIES HOUSE. I NEVER GIVE OUT MY PERSONAL ADDRESS AND I HAVE ALWAYS OPTED OUT OF THE ELECTORAL ROLL (PUBLIC)
Gassing Station | Speed, Plod & the Law | Top of Page | What's New | My Stuff