Complaints statistics regarding EE.

The request was successful.

Dear Information Commissioner’s Office,

Please could you provide answers to the following questions regarding EE since GDPR was introduced.

1. How many complaints have you received in regards to breaches of GDPR regulations since GDPR was introduced regarding EE
2. How many of these complaints were investigated.
3. How many times did you find EE to be in breach of GDPR.
4. How many complaints have you recieved in regards to Non-Compliance of the GDPR regulations regarding EE.
5.How many of these complaints were investigated.
6. How many times did you find EE to be non compliant with the GDPR regulations.
7. How many times have EE themselves reported breaches and/or non compliance of the GDPR to the ICO.
8. If any How many of these were within the correct timescale.
9. Have EE ever been fined in accordance with the GDPR regulations surrounding breaches and non compliance.
10. Are you currently investigating EE for any breaches or non compliance of the GDPR.
11. How many companies with a turnover of over 3 million pounds, been fined thus far in regards to breaches or non compliance of GDPR and what was the average fine.
12. How many companies with a turnover or less than 3 million pounds, been fined in reqards to breaches or non complaints of GDPR and what was the average fine.

Yours faithfully,
Stuart Holmes

AccessICOinformation, Information Commissioner's Office

Thank you for contacting the Information Commissioner’s Office. We confirm
that we have received your correspondence.

If you have made a request for information held by the ICO we will contact
you as soon as possible if we need any further information to enable us to
answer your request. If we don't need any further information we will
respond to you within our published, and statutory, service levels. For
more information please visit [1]http://ico.org.uk/about_us/how_we_comply

If you have raised a new information rights concern - we aim to send you
an initial response and case reference number within 30 days.

If you are concerned about the way an organisation is handling your
personal information, we will not usually look into it unless you have
raised it with the organisation first. For more information please see our
webpage ‘raising a concern with an organisation’ (go to our homepage and
follow the link ‘for the public’). You can also call the number below.

If you have requested advice - we aim to respond within 14 days. 

If your correspondence relates to an existing case - we will add it to
your case and consider it on allocation to a case officer.

Copied correspondence - we do not respond to correspondence that has been
copied to us.

For more information about our services, please see our webpage ‘Service
standards and what to expect' (go to our homepage and follow the links for
‘Report a concern’ and ‘Service standards and what to expect'). You can
also call the number below.

For information about what we do with personal data see our [2]privacy
notice.

If there is anything you would like to discuss with us, please call our
helpline on 0303 123 1113.

Yours sincerely

The Information Commissioner’s Office

Our newsletter

Details of how to sign up for our monthly e-newsletter can be found at
[3]http://www.ico.org.uk/tools_and_resource...

Twitter

Find us on Twitter at [4]http://www.twitter.com/ICOnews

 

References

Visible links
1. http://ico.org.uk/about_us/how_we_comply
2. https://ico.org.uk/global/privacy-notice/
3. http://www.ico.org.uk/tools_and_resource...
4. http://www.twitter.com/ICOnews

Information Commissioner's Office

31 August 2018

 

Case Reference Number IRQ0779319

 

Dear Mr Holmes

Thanking you for requesting information from the Information
Commissioner’s Office (ICO). We are now in apposition to respond to your
request.
 
We have considered your request under the Freedom of Information Act 2000
(FOIA).
 
Your request
 
You asked us the following questions:
 
“1. How many complaints have you received in regards to breaches of GDPR
regulations since GDPR was introduced regarding EE 
 
2. How many of these complaints were investigated.
 
3. How many times did you find EE to be in breach of GDPR.
 
4. How many complaints have you recieved in regards to Non-Compliance of
the GDPR regulations regarding EE.
 
5.How many of these complaints were investigated.
 
6. How many times did you find EE to be non compliant with the GDPR
regulations.
 
7. How many times have EE themselves reported breaches and/or non
compliance of the GDPR to the ICO.
 
8. If any How many of these were within the correct timescale.
 
9. Have EE ever been fined in accordance with the GDPR regulations
surrounding breaches and non compliance.
 
10. Are you currently investigating EE for any breaches or non compliance
of the GDPR.
 
11. How many companies with a turnover of over 3 million pounds, been
fined thus far in regards to breaches or non compliance of GDPR and what
was the average fine.
 
12. How many companies with a turnover or less than 3 million pounds, been
fined in reqards to breaches or non complaints of GDPR and what was the
average fine.”
 
 
Our response 
I can confirm that we do hold information within scope of your request.
 
I shall answer each of you questions in turn:
 
 

 1. Since 25 May there have been 14 requests for assessment of EE’s
(non-)compliance with the General Data Protection Regulations/Data
Protection Act 2018 (GDPR/DPA 2018)

 
 

 2. Of the 14, 9 have since been assessed.

 
 

 3. We have found it unlikely that EE have complied with GDPR/DPA 2018 on
3 occasions.

 
 

 4. 5. 6. We understand that ‘breaching’ legislation, and ‘not complying’
with it are the same thing. Thus these questions have already been
answered.

 
 

 7. EE have not self-reported a breach under GDPR/DPA 2018.

 
 

 8. Not applicable.

 
 

 9. EE have never been issued with a civil monetary penalty     (CMP) for
breaching GDPR/DPA 2018.

 
 

10. There are 5 assessments still ongoing of EE’s compliance with GDPR/DPA
2018.

 
 

11. No companies have been issued with CMPs for breaching GDPR/DPA 2018.

 
 

12. See above.

 
 
This concludes our response. Please see below for some information you may
find interesting in relation to your request.
 
 
General Advice:
 
We publish data on the [1]civil monetary penalties (CMPs) we have issued
on our website.
 
We also publish datasets of our [2]complaints and concerns about
organisations’ data practices. Although they currently only go up to
October 2017, they will be updated in due course.
 
Next steps
 
If you are dissatisfied with the response you have received and wish to
request a review of our decision or make a complaint about how your
request has been handled you should write to the Information Access team
at the address below or email [3][ICO request email]
 
Your request for internal review should be submitted to us within 40
working days of receipt by you of this response.  Any such request
received after this time will only be considered at the discretion of the
Commissioner.
 
If having exhausted the review process you are not content that your
request or review has been dealt with correctly, you have a further right
of appeal to this office in our capacity as the statutory complaint
handler under the legislation.  To make such an application, please write
to the Customer Contact department, at the address below or visit the
‘Complaints’ section of our website to make a Freedom of Information Act
or Environmental Information Regulations complaint online.
 
A copy of our review procedure is available [4]here.
 
For information about what we do with personal data see our [5]privacy
notice.
 
Yours sincerely,
 
 

Frederick Aspbury
Lead Information Access Officer
Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow,
Cheshire SK9 5AF
T. 0330 414 6397 F. 01625 524510  [6]ico.org.uk  [7]twitter.com/iconews
Please consider the environment before printing this email
For information about what we do with personal data see our [8]privacy
notice

 
 

References

Visible links
1. https://ico.org.uk/media/action-weve-tak...
2. https://ico.org.uk/about-the-ico/our-inf...
3. mailto:[ICO request email]
4. https://ico.org.uk/media/about-the-ico/p...
5. https://ico.org.uk/global/privacy-notice/
6. http://ico.org.uk/
7. https://twitter.com/iconews
8. https://ico.org.uk/global/privacy-notice/