Dear Information Commissioner's Office,

My understanding is that car number plates are personal information - but does that depend on the driver of the car pictured being the driver?

Even though s/he may not be identifiable from the data ?

Because otherwise it would be identification of the car - owned by someone else, and not the potentially pictured driver.

Plus ID of the car owner is only available to the DVLC, which turns down anyone enquiring if they do not have a bona fide and legitimate reason to do so.

Does this legal protection make the ability of a viewer of a car unable to know the ID of the driver? And therefore not applicable under FOIA?

Would a picture meet FOIA requirements if the number plate was erased but the driver’s face remained, if the picture was taken in a public place - say a High Street?

If there are any linked court cases or data held n file making number plate decisions, I’d be interested to read them.

Yours faithfully,

JtOakley

icoaccessinformation, Information Commissioner's Office

Thank you for contacting the Information Commissioner’s Office. We confirm
that we have received your correspondence.

If you have made a request for information held by the ICO we will contact
you as soon as possible if we need any further information to enable us to
answer your request. If we don't need any further information we will
respond to you within our published, and statutory, service levels. For
more information please visit:

[1]https://ico.org.uk/about-the-ico/our-inf...

If you have raised a new information rights concern - we aim to send you
an initial response and case reference number within 30 days.

If you are concerned about the way an organisation is handling your
personal information, we will not usually look into it unless you have
raised it with the organisation first. For more information please see our
webpage ‘raising a concern with an organisation’ (go to our homepage and
follow the link ‘for the public’). You can also call the number below.

If you have requested advice - we aim to respond within 14 days. 

If your correspondence relates to an existing case - we will add it to
your case and consider it on allocation to a case officer.

Copied correspondence - we do not respond to correspondence that has been
copied to us.

For more information about our services, please see our webpage ‘Service
standards and what to expect' (go to our homepage and follow the links for
‘Report a concern’ and ‘Service standards and what to expect'). You can
also call the number below.

For information about what we do with personal data see our [2]privacy
notice.

If there is anything you would like to discuss with us, please call our
helpline on 0303 123 1113.

Yours sincerely

The Information Commissioner’s Office

Our newsletter

Details of how to sign up for our monthly e-newsletter can be found
[3]here.

Twitter

Find us on Twitter [4]here.

 

References

Visible links
1. https://ico.org.uk/about-the-ico/our-inf...
2. https://ico.org.uk/global/privacy-notice/
3. https://ico.org.uk/about-the-ico/news-an...
4. http://www.twitter.com/ICOnews

icocasework, Information Commissioner's Office

4 September 2023

Our reference: IC-255312-S2G2 

Dear J T Oakley,

Thank you for your recent request for information. We received your
request on 30 August 2023. Your request will be allocated to an
Information Access Officer who will contact you under the reference number
above in due course.
Under statutory timeframes our response to your request is due by 27
September 2023.
If you have any queries about this information request you may email us,
quoting our reference number in the subject line. Please note that
Information Access Officers are only able to address information requests
to ICO; they are unable to assist with complaints to ICO, or to provide
general advice about the legislation we oversee, as this work is done by
other ICO departments.  
Our privacy notice explains what we do with the personal data you provide
to us when you make an information request:
https://ico.org.uk/global/privacy-notice...
Thank you for your interest in the work of the Information Commissioner's
Office.
Yours sincerely,
Information Access Team
Information Commissioner’s Office
Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow,
Cheshire SK9 5AF
T. 0303 123 1113 [1]ico.org.uk [2]twitter.com/iconews
Please consider the environment before printing this email

Please be aware we are often asked for copies of the correspondence we
exchange with third parties. We are subject to all of the laws we deal
with, including the data protection laws and the Freedom of Information
Act 2000. You can read about these on our website ([3]www.ico.org.uk).
Please say whether you consider any of the information you send us is
confidential. You should also say why. We will withhold information where
there is a good reason to do so.
For information about what we do with personal data see our privacy notice
at [4]www.ico.org.uk/privacy-notice
 

References

Visible links
1. https://ico.org.uk/
2. https://twitter.com/iconews
3. https://www.ico.org.uk/
4. https://www.ico.org.uk/privacy-notice

icocasework, Information Commissioner's Office

13 September 2023 

Case Reference: IC-255312-S2G2 

Dear JtOakley

I write in relation to your recent request for information.

I can confirm that the following will be handled as a request under the
FOIA: 

"If there any linked court cases or data held n file making number plate
decisions, I'd be interested to read them." 

The remainder of your email is not a request for recorded information, but
is a series of enquiries about the legislation we oversee. We provide
advice services for the public, but not through the WDTK website. 

Please visit our website for details of how to access our advice services,
or call our helpline on 0303 123 1113. 

Yours sincerely,

Jennifer Wilkes 
Senior Information Access Officer 
Information Commissioner's Office

Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow,
Cheshire SK9 5AF
[1]ico.org.uk [2]twitter.com/iconews
Please consider the environment before printing this email.
For information about what we do with personal data see our privacy notice
at [3]www.ico.org.uk/privacy-notice.

References

Visible links
1. https://ico.org.uk/
2. https://twitter.com/iconews
3. https://www.ico.org.uk/privacy-notice

Dear icocasework,

I can confirm that the following will be handled as a request under the
FOIA:

"If there any linked court cases or data held n file making number plate
decisions, I'd be interested to read them."

PLEASE THEREFORE PROVIDE THE DATA THAT THE ICO HAS ON FILE.

THANKYOU

Yours sincerely,

JtOakley

icocasework, Information Commissioner's Office

 

 

Thank you for contacting the Information Commissioner’s Office. We confirm
that we have received your correspondence. If you have any special
requirements that mean you would like us to communicate with you in a
specific way, please let us know and we will make adjustments if we can.

 

 

If you have made a new complaint - we’re unlikely to look into it unless
you have raised it with the responsible organization (for a data
protection complaint) or the responsible public authority (for a freedom
of information complaint) first. Please make sure you have sent us a copy
of their final response to you. We will assign your complaint to a case
officer as soon as we can, and they will contact you in due course.

 

 

If your correspondence relates to an existing case - we will add it to
your case and consider it on allocation to a case officer. If you believe
we have either failed to take appropriate steps to respond to your data
protection complaint, or we do not provide you with information about the
progress or outcome of your complaint within the next three months, you
may be able to apply to the First-tier Tribunal to require us to respond
to your complaint or to provide you with information about its progress.
(www.gov.uk - information rights and data protection: appeal against the
Information Commissioner)

 

 

If you have asked us for advice - we will respond within 14 days. While
you wait, you should regularly check our website ([1]www.ico.org.uk) for
relevant guidance, as we are updating this all the time. You should read
our [2]Guide to the UK GDPR. If you have raised a question that we have
answered on our website, we may respond by sending you a link to it. But
will do our best to provide you with the information you need.

 

 

If you represent an organisation and you are reporting a personal data
breach under the GDPR or the Data Protection Act 2018 - we aim to contact
you within seven days to confirm receipt and to provide you with a case
reference number. If you want advice urgently, you should telephone our
helpline on 0303 123 1113. You can find out more about data breach
reporting on our website.

 

Where a significant cyber incident occurs, you may also need to report
this to the National Cyber Security Centre (the NCSC). To help you decide,
you should read the NCSC’s guidance about their role and the type of
incidents that you should consider reporting. (www.ncsc.gov.uk
-incident-management)

 

Incidents that might lead to a heightened risk of individuals being
affected by fraud, should be reported to Action
Fraud (www.actionfraud.police.uk) - the UK’s national fraud and cybercrime
reporting centre. If your organisation is in Scotland, then reports should
be made to Police Scotland (www.scotland.police.uk).

 

 

 

If you are a Communications Service Provider reporting a security breach
under the Privacy and Electronic Communications Regulations – you will
need to report the security breach via the secure portal that can be found
on the PECR pages of our website.

 

 

If you represent an organisation and are reporting a potential incident
under the NIS Directive - we will contact you as soon as we can. You can
find out more about the NIS Regulations on our website.

 

 

If you represent an organization and you are reporting a security breach
within the definition of the eIDAS regulation – we will contact you as
soon as we can. You can find out more about the eIDAS regulation on our
website.

 

If you have reported spam email – we are unlikely to need to contact you
again, unless we need more information to help with our investigations. We
publish details about the action we've taken on nuisance messages on our
website.

 

 

 

If you have asked for information you think we might hold - we will
contact you if we need any more information to help us respond. Otherwise,
we will respond within our public and statutory service levels. For more
information please visit our webpage ‘request information from us’ (go to
our homepage and follow the link for ‘about the ICO’ and ‘our
information’).

 

 

 

If you have only copied your correspondence to us - we will not respond.

 

 

 

There is more detailed information, including information on our current
response times, on our service standards and what to expect webpage. You
can also call 0303 123 1113, we welcome calls in Welsh on 029 2067 8400.
You can also contact us on live chat (please visit our webpage ‘contact
us’ and ‘live chat’).

 

 

For information about what we do with personal data please see our privacy
notice: https://ico.org.uk/global/privacy-notice/

 

 

Yours sincerely

 

 

The Information Commissioner’s Office

 

 

 

 

 

 

 

 

 

Diolch yn fawr ichi am gysylltu â Swyddfa’r Comisiynydd Gwybodaeth. Rydym
yn cadarnhau bod eich gohebiaeth wedi dod i law. Os oes gennych unrhyw
ofynion arbennig sy'n golygu yr hoffech i ni gyfathrebu â chi mewn ffordd
benodol, rhowch wybod i ni a byddwn yn gwneud addasiadau os gallwn.

 

 

Os ydych wedi gwneud cwyn newydd – dydyn ni ddim yn debygol o edrych i
mewn iddo oni bai eich bod wedi’i godi’n gyntaf gyda’r sefydliad cyfrifol
(cwyn am ddiogelu data) neu’r awdurdod cyhoeddus cyfrifol (cwyn am ryddid
gwybodaeth). Gofalwch eich bod wedi anfon copi aton ni o’u hymateb
terfynol ichi. Byddwn yn rhoi’ch achos i swyddog achosion cyn gynted ag y
gallwn, a bydd y swyddog yn cysylltu â chi maes o law.

 

 

 

Os yw’ch gohebiaeth yn ymwneud ag achos sydd eisoes yn bod - byddwn yn ei
hychwanegu at eich achos ac fe gaiff ei hystyried ar ôl cael ei dyrannu i
swyddog achosion. Os ydych yn credu ein bod ni naill ai wedi methu cymryd
camau priodol i ymateb i'ch cwyn diogelu data, neu heb ddarparu gwybodaeth
ichi am gynnydd neu ganlyniad eich cwyn o fewn y tri mis nesaf, efallai y
byddwch yn gallu gwneud cais i'r Tribiwnlys Haen Gyntaf i’w gwneud yn
ofynnol inni ICO ymateb i'ch cwyn neu ddarparu gwybodaeth ichi am gynnydd
eich cwyn. (www.gov.uk - information rights and data protection: appeal
against the Information Commissioner)

 

 

Os ydych wedi gofyn am gyngor – byddwn yn ymateb o fewn 14 diwrnod. Tra
byddwch yn aros, dylech edrych yn rheolaidd ar ein [3]gwefan
([4]www.ico.org.uk) i chwilio am ganllawiau perthnasol, gan eu bod yn cael
eu diweddaru drwy’r amser. Hefyd dylech ddarllen ein [5]blogiau ynghylch
‘mythau’r GDPR’. Os ydych wedi codi cwestiwn sydd wedi’i ateb ar ein
gwefan, mae’n bosibl y byddwn yn ymateb drwy anfon dolen atoch i gysylltu
â’r ateb.  Ond fe wnawn ein gorau glas i roi’r wybodaeth angenrheidiol
ichi

 

 

Os ydych yn cynrychioli sefydliad a’ch bod yn rhoi gwybod am drosedd data
personol o dan y GDPR neu Ddeddf Diogelu Data 2018 – rydym yn anelu at
gysylltu â chi o fewn saith niwrnod calendr i gadarnhau bod eich neges
wedi dod i law ac i roi rhif cyfeirnod achos ichi. Os oes arnoch eisiau
cyngor ar frys, dylech ffonio’n llinell gymorth ar 0303 123 1113. Cewch
ragor o wybodaeth am roi gwybod am droseddau data ar ein gwefan.

 

 

Pan fo digwyddiad seibr arwyddocaol yn digwydd, mae’n bosibl y bydd angen
ichi roi gwybod amdano hefyd i’r Ganolfan Seiberddiogelwch Genedlaethol
(yr NCSC). I’ch helpu i benderfynu, dylech ddarllen canllawiau’r NCSC ar
eu rôl a’r math o ddigwyddiadau y dylech ystyried rhoi gwybod amdanyn nhw.
(www.ncsc.gov.uk -incident-management)

 

 

Dylai digwyddiadau a allai arwain at risg uwch y bydd twyll yn effeithio
ar unigolion gael eu cyfleu i Action Fraud (www.actionfraud.police.uk) –
sef canolfan genedlaethol y Deyrnas Unedig ar gyfer rhoi gwybod am dwyll a
seiberdroseddau. Os yw eich sefydliad yn yr Alban, yna i Heddlu’r Alban y
dylech chi roi gwybod (www.scotland.police.uk).

 

 

Os ydych yn Ddarparwr Gwasanaethau Cyfathrebu sy’n rhoi gwybod am dor
diogelwch o dan y Rheoliadau Preifatrwydd a Chyfathrebu Electronig – bydd
angen ichi roi gwybod am y tor diogelwch drwy’r [6]porth diogel sydd ar
gael ar y tudalennau ar ein gwefan sy’n ymwneud â’r PECR.

 

 

Os ydych yn cynrychioli sefydliad a’ch bod yn rhoi gwybod am ddigwyddiad
posibl o dan Gyfarwyddeb yr NIS – byddwn yn cysylltu â chi cyn gynted ag y
gallwn. Cewch ragor o wybodaeth am Reoliadau’r NIS ar ein gwefan.

 

 

Os ydych yn cynrychioli sefydliad a’ch bod yn rhoi gwybod am dor diogelwch
o fewn y diffiniad yn Rheoliad eIDAS – byddwn yn cysylltu â chi cyn gynted
ag y gallwn. Cewch ragor o wybodaeth am Reoliad eIDAS ar ein gwefan.

 

Os ydych wedi rhoi gwybod am ebost sbam – mae’n annhebygol y bydd angen
inni gysylltu â chi eto, oni bai bod arnon ni angen rhagor o wybodaeth i
helpu yn ein hymchwiliad. Rydym yn cyhoeddi gwybodaeth am y camau rydyn ni
wedi’u cymryd ynghylch negeseuon niwsans ar ein gwefan.

 

 

Os ydych wedi gofyn am wybodaeth yr ydych yn credu ei bod gennyn ni –
byddwn yn cysylltu â chi os bydd arnom angen rhagor o wybodaeth i’n helpu
i ymateb. Fel arall, byddwn yn ymateb ichi o fewn ein lefelau gwasanaeth
statudol a chyhoeddus. I gael rhagor o wybodaeth, ewch i’n tudalen gwe
‘request information from us’ (ewch i’n tudalen hafan a dilynwch y ddolen
‘about the ICO’ ac ‘our information’).

 

 

Os ydych wedi anfon copi o’ch gohebiaeth aton ni ond dim byd arall –
fyddwn ni ddim yn ymateb.

 

Mae gwybodaeth fanylach, gan gynnwys gwybodaeth am ein hamserau ymateb
presennol, ar ein tudalen gwe safonau gwasanaeth a beth i’w ddisgwyl.
Gallwch ffonio hefyd yn y Gymraeg ar 0303 123 1113 opsiwn 9 neu yn Saesneg
ar 0303 123 1113. Gallwch gysylltu â ni hefyd i gael sgwrs fyw (ewch i’n
tudalen gwe ‘contact us’ a ‘live chat’).

 

I gael gwybodaeth am yr hyn rydyn ni’n ei wneud â data personol, gweler
ein hysbysiad preifatrwydd: https://ico.org.uk/global/privacy-notice/

 

 

Yn gywir

 

 

Swyddfa’r Comisiynydd Gwybodaeth 

 

References

Visible links
1. http://www.ico.org.uk/
2. https://ico.org.uk/for-organisations/gui...
3. https://emea01.safelinks.protection.outl...
4. http://www.ico.org.uk/
5. https://ico.org.uk/for-organisations/gui...
6. https://report.ico.org.uk/security-breach/

icocasework, Information Commissioner's Office

1 Attachment

14 September 2023 

Case Reference: IC-255312-S2G2 

Dear JtOakley

Please find attached response to your information request. 

Yours sincerely,

Jennifer Wilkes 
Senior Information Access Officer 
Information Commissioner's Office

Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow,
Cheshire SK9 5AF
[1]ico.org.uk [2]twitter.com/iconews
Please consider the environment before printing this email.
For information about what we do with personal data see our privacy notice
at [3]www.ico.org.uk/privacy-notice.

References

Visible links
1. https://ico.org.uk/
2. https://twitter.com/iconews
3. https://www.ico.org.uk/privacy-notice

Dear icocasework,

Thank you but it wasn’t individual cases that I wanted to read -it was data held by Information Commissioner’s Office lawyers.

On cases that had gone to court and been judged, because the logic in judgements is what I wanted to
read.

If the legal department could provide a LIST ( the titles) of the court judgements that they hold - as reference, (which they must do) that is the data that I am requesting.

I do not need the details, just the list.

- Then I can look up the court judgements for myself.

Scope limited to the maximum of hours allowed without cost.

Thanks

Yours sincerely,

JtOakley

icocasework, Information Commissioner's Office

 

 

Thank you for contacting the Information Commissioner’s Office. We confirm
that we have received your correspondence. If you have any special
requirements that mean you would like us to communicate with you in a
specific way, please let us know and we will make adjustments if we can.

 

 

If you have made a new complaint - we’re unlikely to look into it unless
you have raised it with the responsible organization (for a data
protection complaint) or the responsible public authority (for a freedom
of information complaint) first. Please make sure you have sent us a copy
of their final response to you. We will assign your complaint to a case
officer as soon as we can, and they will contact you in due course.

 

 

If your correspondence relates to an existing case - we will add it to
your case and consider it on allocation to a case officer. If you believe
we have either failed to take appropriate steps to respond to your data
protection complaint, or we do not provide you with information about the
progress or outcome of your complaint within the next three months, you
may be able to apply to the First-tier Tribunal to require us to respond
to your complaint or to provide you with information about its progress.
(www.gov.uk - information rights and data protection: appeal against the
Information Commissioner)

 

 

If you have asked us for advice - we will respond within 14 days. While
you wait, you should regularly check our website ([1]www.ico.org.uk) for
relevant guidance, as we are updating this all the time. You should read
our [2]Guide to the UK GDPR. If you have raised a question that we have
answered on our website, we may respond by sending you a link to it. But
will do our best to provide you with the information you need.

 

 

If you represent an organisation and you are reporting a personal data
breach under the GDPR or the Data Protection Act 2018 - we aim to contact
you within seven days to confirm receipt and to provide you with a case
reference number. If you want advice urgently, you should telephone our
helpline on 0303 123 1113. You can find out more about data breach
reporting on our website.

 

Where a significant cyber incident occurs, you may also need to report
this to the National Cyber Security Centre (the NCSC). To help you decide,
you should read the NCSC’s guidance about their role and the type of
incidents that you should consider reporting. (www.ncsc.gov.uk
-incident-management)

 

Incidents that might lead to a heightened risk of individuals being
affected by fraud, should be reported to Action
Fraud (www.actionfraud.police.uk) - the UK’s national fraud and cybercrime
reporting centre. If your organisation is in Scotland, then reports should
be made to Police Scotland (www.scotland.police.uk).

 

 

 

If you are a Communications Service Provider reporting a security breach
under the Privacy and Electronic Communications Regulations – you will
need to report the security breach via the secure portal that can be found
on the PECR pages of our website.

 

 

If you represent an organisation and are reporting a potential incident
under the NIS Directive - we will contact you as soon as we can. You can
find out more about the NIS Regulations on our website.

 

 

If you represent an organization and you are reporting a security breach
within the definition of the eIDAS regulation – we will contact you as
soon as we can. You can find out more about the eIDAS regulation on our
website.

 

If you have reported spam email – we are unlikely to need to contact you
again, unless we need more information to help with our investigations. We
publish details about the action we've taken on nuisance messages on our
website.

 

 

 

If you have asked for information you think we might hold - we will
contact you if we need any more information to help us respond. Otherwise,
we will respond within our public and statutory service levels. For more
information please visit our webpage ‘request information from us’ (go to
our homepage and follow the link for ‘about the ICO’ and ‘our
information’).

 

 

 

If you have only copied your correspondence to us - we will not respond.

 

 

 

There is more detailed information, including information on our current
response times, on our service standards and what to expect webpage. You
can also call 0303 123 1113, we welcome calls in Welsh on 029 2067 8400.
You can also contact us on live chat (please visit our webpage ‘contact
us’ and ‘live chat’).

 

 

For information about what we do with personal data please see our privacy
notice: https://ico.org.uk/global/privacy-notice/

 

 

Yours sincerely

 

 

The Information Commissioner’s Office

 

 

 

 

 

 

 

 

 

Diolch yn fawr ichi am gysylltu â Swyddfa’r Comisiynydd Gwybodaeth. Rydym
yn cadarnhau bod eich gohebiaeth wedi dod i law. Os oes gennych unrhyw
ofynion arbennig sy'n golygu yr hoffech i ni gyfathrebu â chi mewn ffordd
benodol, rhowch wybod i ni a byddwn yn gwneud addasiadau os gallwn.

 

 

Os ydych wedi gwneud cwyn newydd – dydyn ni ddim yn debygol o edrych i
mewn iddo oni bai eich bod wedi’i godi’n gyntaf gyda’r sefydliad cyfrifol
(cwyn am ddiogelu data) neu’r awdurdod cyhoeddus cyfrifol (cwyn am ryddid
gwybodaeth). Gofalwch eich bod wedi anfon copi aton ni o’u hymateb
terfynol ichi. Byddwn yn rhoi’ch achos i swyddog achosion cyn gynted ag y
gallwn, a bydd y swyddog yn cysylltu â chi maes o law.

 

 

 

Os yw’ch gohebiaeth yn ymwneud ag achos sydd eisoes yn bod - byddwn yn ei
hychwanegu at eich achos ac fe gaiff ei hystyried ar ôl cael ei dyrannu i
swyddog achosion. Os ydych yn credu ein bod ni naill ai wedi methu cymryd
camau priodol i ymateb i'ch cwyn diogelu data, neu heb ddarparu gwybodaeth
ichi am gynnydd neu ganlyniad eich cwyn o fewn y tri mis nesaf, efallai y
byddwch yn gallu gwneud cais i'r Tribiwnlys Haen Gyntaf i’w gwneud yn
ofynnol inni ICO ymateb i'ch cwyn neu ddarparu gwybodaeth ichi am gynnydd
eich cwyn. (www.gov.uk - information rights and data protection: appeal
against the Information Commissioner)

 

 

Os ydych wedi gofyn am gyngor – byddwn yn ymateb o fewn 14 diwrnod. Tra
byddwch yn aros, dylech edrych yn rheolaidd ar ein [3]gwefan
([4]www.ico.org.uk) i chwilio am ganllawiau perthnasol, gan eu bod yn cael
eu diweddaru drwy’r amser. Hefyd dylech ddarllen ein [5]blogiau ynghylch
‘mythau’r GDPR’. Os ydych wedi codi cwestiwn sydd wedi’i ateb ar ein
gwefan, mae’n bosibl y byddwn yn ymateb drwy anfon dolen atoch i gysylltu
â’r ateb.  Ond fe wnawn ein gorau glas i roi’r wybodaeth angenrheidiol
ichi

 

 

Os ydych yn cynrychioli sefydliad a’ch bod yn rhoi gwybod am drosedd data
personol o dan y GDPR neu Ddeddf Diogelu Data 2018 – rydym yn anelu at
gysylltu â chi o fewn saith niwrnod calendr i gadarnhau bod eich neges
wedi dod i law ac i roi rhif cyfeirnod achos ichi. Os oes arnoch eisiau
cyngor ar frys, dylech ffonio’n llinell gymorth ar 0303 123 1113. Cewch
ragor o wybodaeth am roi gwybod am droseddau data ar ein gwefan.

 

 

Pan fo digwyddiad seibr arwyddocaol yn digwydd, mae’n bosibl y bydd angen
ichi roi gwybod amdano hefyd i’r Ganolfan Seiberddiogelwch Genedlaethol
(yr NCSC). I’ch helpu i benderfynu, dylech ddarllen canllawiau’r NCSC ar
eu rôl a’r math o ddigwyddiadau y dylech ystyried rhoi gwybod amdanyn nhw.
(www.ncsc.gov.uk -incident-management)

 

 

Dylai digwyddiadau a allai arwain at risg uwch y bydd twyll yn effeithio
ar unigolion gael eu cyfleu i Action Fraud (www.actionfraud.police.uk) –
sef canolfan genedlaethol y Deyrnas Unedig ar gyfer rhoi gwybod am dwyll a
seiberdroseddau. Os yw eich sefydliad yn yr Alban, yna i Heddlu’r Alban y
dylech chi roi gwybod (www.scotland.police.uk).

 

 

Os ydych yn Ddarparwr Gwasanaethau Cyfathrebu sy’n rhoi gwybod am dor
diogelwch o dan y Rheoliadau Preifatrwydd a Chyfathrebu Electronig – bydd
angen ichi roi gwybod am y tor diogelwch drwy’r [6]porth diogel sydd ar
gael ar y tudalennau ar ein gwefan sy’n ymwneud â’r PECR.

 

 

Os ydych yn cynrychioli sefydliad a’ch bod yn rhoi gwybod am ddigwyddiad
posibl o dan Gyfarwyddeb yr NIS – byddwn yn cysylltu â chi cyn gynted ag y
gallwn. Cewch ragor o wybodaeth am Reoliadau’r NIS ar ein gwefan.

 

 

Os ydych yn cynrychioli sefydliad a’ch bod yn rhoi gwybod am dor diogelwch
o fewn y diffiniad yn Rheoliad eIDAS – byddwn yn cysylltu â chi cyn gynted
ag y gallwn. Cewch ragor o wybodaeth am Reoliad eIDAS ar ein gwefan.

 

Os ydych wedi rhoi gwybod am ebost sbam – mae’n annhebygol y bydd angen
inni gysylltu â chi eto, oni bai bod arnon ni angen rhagor o wybodaeth i
helpu yn ein hymchwiliad. Rydym yn cyhoeddi gwybodaeth am y camau rydyn ni
wedi’u cymryd ynghylch negeseuon niwsans ar ein gwefan.

 

 

Os ydych wedi gofyn am wybodaeth yr ydych yn credu ei bod gennyn ni –
byddwn yn cysylltu â chi os bydd arnom angen rhagor o wybodaeth i’n helpu
i ymateb. Fel arall, byddwn yn ymateb ichi o fewn ein lefelau gwasanaeth
statudol a chyhoeddus. I gael rhagor o wybodaeth, ewch i’n tudalen gwe
‘request information from us’ (ewch i’n tudalen hafan a dilynwch y ddolen
‘about the ICO’ ac ‘our information’).

 

 

Os ydych wedi anfon copi o’ch gohebiaeth aton ni ond dim byd arall –
fyddwn ni ddim yn ymateb.

 

Mae gwybodaeth fanylach, gan gynnwys gwybodaeth am ein hamserau ymateb
presennol, ar ein tudalen gwe safonau gwasanaeth a beth i’w ddisgwyl.
Gallwch ffonio hefyd yn y Gymraeg ar 0303 123 1113 opsiwn 9 neu yn Saesneg
ar 0303 123 1113. Gallwch gysylltu â ni hefyd i gael sgwrs fyw (ewch i’n
tudalen gwe ‘contact us’ a ‘live chat’).

 

I gael gwybodaeth am yr hyn rydyn ni’n ei wneud â data personol, gweler
ein hysbysiad preifatrwydd: https://ico.org.uk/global/privacy-notice/

 

 

Yn gywir

 

 

Swyddfa’r Comisiynydd Gwybodaeth 

 

References

Visible links
1. http://www.ico.org.uk/
2. https://ico.org.uk/for-organisations/gui...
3. https://emea01.safelinks.protection.outl...
4. http://www.ico.org.uk/
5. https://ico.org.uk/for-organisations/gui...
6. https://report.ico.org.uk/security-breach/

Dear Information Commissioner's Office,

I know I don't have to give reasoning as to why I am asking for data but I thought a clarification in the form of a reason might help.

I took some pictures to illustrate a traffic jam and gave them to the council, who blanked out the car number plates but not the name of the organisation/s to whom the vehicle/s belonged to ....on the back and sides of the vehicles.

Editing made no difference to me, as it was the number of vehicles that I wanted to picture, not who they belonged to.

But the employee could not tell me what Act she was working to.

So I wondered why there was this differentiation.

Is it because the company/ organisation has willingly put their information into the public domain, where a car numberplate is considered to be personal information?

And that differentiation was what I assumed the Information Commissioner’s Office had on record and why I asked for data on it.

Yours faithfully,

JtOakley

icocasework, Information Commissioner's Office

18 September 2023

Our reference:  IC-255312-S2G2

Dear JtOakley,

We will now conduct an internal review of our response to your request.
You can expect us to respond in full by 12 October 2023. This is 20
working days from the date we received your request. If, for any reason,
we cannot respond by this date we will let you know and tell you when you
can expect a response.

Yours sincerely,

Jennifer Wilkes
Information Commissioner’s Office 
Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow,
Cheshire SK9 5AF
[1]ico.org.uk [2]twitter.com/iconews
Please consider the environment before printing this email

For information about what we do with personal data see our privacy notice
at [3]www.ico.org.uk/privacy-notice

References

Visible links
1. https://ico.org.uk/
2. https://twitter.com/iconews
3. https://www.ico.org.uk/privacy-notice

Dear icocasework,

review

Thank you but I do not need to know anything about individual cases.

As an assistance...

Does the Information Commissioner’s Office provide caseworkers with an information guidance sheet on how to deal with cases involving car number plates/the public recognition of vehicles?

This would be data that would explain the position.

Yours sincerely,

JtOakley

icocasework, Information Commissioner's Office

 

 

Thank you for contacting the Information Commissioner’s Office. We confirm
that we have received your correspondence. If you have any special
requirements that mean you would like us to communicate with you in a
specific way, please let us know and we will make adjustments if we can.

 

 

If you have made a new complaint - we’re unlikely to look into it unless
you have raised it with the responsible organization (for a data
protection complaint) or the responsible public authority (for a freedom
of information complaint) first. Please make sure you have sent us a copy
of their final response to you. We will assign your complaint to a case
officer as soon as we can, and they will contact you in due course.

 

 

If your correspondence relates to an existing case - we will add it to
your case and consider it on allocation to a case officer. If you believe
we have either failed to take appropriate steps to respond to your data
protection complaint, or we do not provide you with information about the
progress or outcome of your complaint within the next three months, you
may be able to apply to the First-tier Tribunal to require us to respond
to your complaint or to provide you with information about its progress.
(www.gov.uk - information rights and data protection: appeal against the
Information Commissioner)

 

 

If you have asked us for advice - we will respond within 14 days. While
you wait, you should regularly check our website ([1]www.ico.org.uk) for
relevant guidance, as we are updating this all the time. You should read
our [2]Guide to the UK GDPR. If you have raised a question that we have
answered on our website, we may respond by sending you a link to it. But
will do our best to provide you with the information you need.

 

 

If you represent an organisation and you are reporting a personal data
breach under the GDPR or the Data Protection Act 2018 - we aim to contact
you within seven days to confirm receipt and to provide you with a case
reference number. If you want advice urgently, you should telephone our
helpline on 0303 123 1113. You can find out more about data breach
reporting on our website.

 

Where a significant cyber incident occurs, you may also need to report
this to the National Cyber Security Centre (the NCSC). To help you decide,
you should read the NCSC’s guidance about their role and the type of
incidents that you should consider reporting. (www.ncsc.gov.uk
-incident-management)

 

Incidents that might lead to a heightened risk of individuals being
affected by fraud, should be reported to Action
Fraud (www.actionfraud.police.uk) - the UK’s national fraud and cybercrime
reporting centre. If your organisation is in Scotland, then reports should
be made to Police Scotland (www.scotland.police.uk).

 

 

 

If you are a Communications Service Provider reporting a security breach
under the Privacy and Electronic Communications Regulations – you will
need to report the security breach via the secure portal that can be found
on the PECR pages of our website.

 

 

If you represent an organisation and are reporting a potential incident
under the NIS Directive - we will contact you as soon as we can. You can
find out more about the NIS Regulations on our website.

 

 

If you represent an organization and you are reporting a security breach
within the definition of the eIDAS regulation – we will contact you as
soon as we can. You can find out more about the eIDAS regulation on our
website.

 

If you have reported spam email – we are unlikely to need to contact you
again, unless we need more information to help with our investigations. We
publish details about the action we've taken on nuisance messages on our
website.

 

 

 

If you have asked for information you think we might hold - we will
contact you if we need any more information to help us respond. Otherwise,
we will respond within our public and statutory service levels. For more
information please visit our webpage ‘request information from us’ (go to
our homepage and follow the link for ‘about the ICO’ and ‘our
information’).

 

 

 

If you have only copied your correspondence to us - we will not respond.

 

 

 

There is more detailed information, including information on our current
response times, on our service standards and what to expect webpage. You
can also call 0303 123 1113, we welcome calls in Welsh on 029 2067 8400.
You can also contact us on live chat (please visit our webpage ‘contact
us’ and ‘live chat’).

 

 

For information about what we do with personal data please see our privacy
notice: https://ico.org.uk/global/privacy-notice/

 

 

Yours sincerely

 

 

The Information Commissioner’s Office

 

 

 

 

 

 

 

 

 

Diolch yn fawr ichi am gysylltu â Swyddfa’r Comisiynydd Gwybodaeth. Rydym
yn cadarnhau bod eich gohebiaeth wedi dod i law. Os oes gennych unrhyw
ofynion arbennig sy'n golygu yr hoffech i ni gyfathrebu â chi mewn ffordd
benodol, rhowch wybod i ni a byddwn yn gwneud addasiadau os gallwn.

 

 

Os ydych wedi gwneud cwyn newydd – dydyn ni ddim yn debygol o edrych i
mewn iddo oni bai eich bod wedi’i godi’n gyntaf gyda’r sefydliad cyfrifol
(cwyn am ddiogelu data) neu’r awdurdod cyhoeddus cyfrifol (cwyn am ryddid
gwybodaeth). Gofalwch eich bod wedi anfon copi aton ni o’u hymateb
terfynol ichi. Byddwn yn rhoi’ch achos i swyddog achosion cyn gynted ag y
gallwn, a bydd y swyddog yn cysylltu â chi maes o law.

 

 

 

Os yw’ch gohebiaeth yn ymwneud ag achos sydd eisoes yn bod - byddwn yn ei
hychwanegu at eich achos ac fe gaiff ei hystyried ar ôl cael ei dyrannu i
swyddog achosion. Os ydych yn credu ein bod ni naill ai wedi methu cymryd
camau priodol i ymateb i'ch cwyn diogelu data, neu heb ddarparu gwybodaeth
ichi am gynnydd neu ganlyniad eich cwyn o fewn y tri mis nesaf, efallai y
byddwch yn gallu gwneud cais i'r Tribiwnlys Haen Gyntaf i’w gwneud yn
ofynnol inni ICO ymateb i'ch cwyn neu ddarparu gwybodaeth ichi am gynnydd
eich cwyn. (www.gov.uk - information rights and data protection: appeal
against the Information Commissioner)

 

 

Os ydych wedi gofyn am gyngor – byddwn yn ymateb o fewn 14 diwrnod. Tra
byddwch yn aros, dylech edrych yn rheolaidd ar ein [3]gwefan
([4]www.ico.org.uk) i chwilio am ganllawiau perthnasol, gan eu bod yn cael
eu diweddaru drwy’r amser. Hefyd dylech ddarllen ein [5]blogiau ynghylch
‘mythau’r GDPR’. Os ydych wedi codi cwestiwn sydd wedi’i ateb ar ein
gwefan, mae’n bosibl y byddwn yn ymateb drwy anfon dolen atoch i gysylltu
â’r ateb.  Ond fe wnawn ein gorau glas i roi’r wybodaeth angenrheidiol
ichi

 

 

Os ydych yn cynrychioli sefydliad a’ch bod yn rhoi gwybod am drosedd data
personol o dan y GDPR neu Ddeddf Diogelu Data 2018 – rydym yn anelu at
gysylltu â chi o fewn saith niwrnod calendr i gadarnhau bod eich neges
wedi dod i law ac i roi rhif cyfeirnod achos ichi. Os oes arnoch eisiau
cyngor ar frys, dylech ffonio’n llinell gymorth ar 0303 123 1113. Cewch
ragor o wybodaeth am roi gwybod am droseddau data ar ein gwefan.

 

 

Pan fo digwyddiad seibr arwyddocaol yn digwydd, mae’n bosibl y bydd angen
ichi roi gwybod amdano hefyd i’r Ganolfan Seiberddiogelwch Genedlaethol
(yr NCSC). I’ch helpu i benderfynu, dylech ddarllen canllawiau’r NCSC ar
eu rôl a’r math o ddigwyddiadau y dylech ystyried rhoi gwybod amdanyn nhw.
(www.ncsc.gov.uk -incident-management)

 

 

Dylai digwyddiadau a allai arwain at risg uwch y bydd twyll yn effeithio
ar unigolion gael eu cyfleu i Action Fraud (www.actionfraud.police.uk) –
sef canolfan genedlaethol y Deyrnas Unedig ar gyfer rhoi gwybod am dwyll a
seiberdroseddau. Os yw eich sefydliad yn yr Alban, yna i Heddlu’r Alban y
dylech chi roi gwybod (www.scotland.police.uk).

 

 

Os ydych yn Ddarparwr Gwasanaethau Cyfathrebu sy’n rhoi gwybod am dor
diogelwch o dan y Rheoliadau Preifatrwydd a Chyfathrebu Electronig – bydd
angen ichi roi gwybod am y tor diogelwch drwy’r [6]porth diogel sydd ar
gael ar y tudalennau ar ein gwefan sy’n ymwneud â’r PECR.

 

 

Os ydych yn cynrychioli sefydliad a’ch bod yn rhoi gwybod am ddigwyddiad
posibl o dan Gyfarwyddeb yr NIS – byddwn yn cysylltu â chi cyn gynted ag y
gallwn. Cewch ragor o wybodaeth am Reoliadau’r NIS ar ein gwefan.

 

 

Os ydych yn cynrychioli sefydliad a’ch bod yn rhoi gwybod am dor diogelwch
o fewn y diffiniad yn Rheoliad eIDAS – byddwn yn cysylltu â chi cyn gynted
ag y gallwn. Cewch ragor o wybodaeth am Reoliad eIDAS ar ein gwefan.

 

Os ydych wedi rhoi gwybod am ebost sbam – mae’n annhebygol y bydd angen
inni gysylltu â chi eto, oni bai bod arnon ni angen rhagor o wybodaeth i
helpu yn ein hymchwiliad. Rydym yn cyhoeddi gwybodaeth am y camau rydyn ni
wedi’u cymryd ynghylch negeseuon niwsans ar ein gwefan.

 

 

Os ydych wedi gofyn am wybodaeth yr ydych yn credu ei bod gennyn ni –
byddwn yn cysylltu â chi os bydd arnom angen rhagor o wybodaeth i’n helpu
i ymateb. Fel arall, byddwn yn ymateb ichi o fewn ein lefelau gwasanaeth
statudol a chyhoeddus. I gael rhagor o wybodaeth, ewch i’n tudalen gwe
‘request information from us’ (ewch i’n tudalen hafan a dilynwch y ddolen
‘about the ICO’ ac ‘our information’).

 

 

Os ydych wedi anfon copi o’ch gohebiaeth aton ni ond dim byd arall –
fyddwn ni ddim yn ymateb.

 

Mae gwybodaeth fanylach, gan gynnwys gwybodaeth am ein hamserau ymateb
presennol, ar ein tudalen gwe safonau gwasanaeth a beth i’w ddisgwyl.
Gallwch ffonio hefyd yn y Gymraeg ar 0303 123 1113 opsiwn 9 neu yn Saesneg
ar 0303 123 1113. Gallwch gysylltu â ni hefyd i gael sgwrs fyw (ewch i’n
tudalen gwe ‘contact us’ a ‘live chat’).

 

I gael gwybodaeth am yr hyn rydyn ni’n ei wneud â data personol, gweler
ein hysbysiad preifatrwydd: https://ico.org.uk/global/privacy-notice/

 

 

Yn gywir

 

 

Swyddfa’r Comisiynydd Gwybodaeth 

 

References

Visible links
1. http://www.ico.org.uk/
2. https://ico.org.uk/for-organisations/gui...
3. https://emea01.safelinks.protection.outl...
4. http://www.ico.org.uk/
5. https://ico.org.uk/for-organisations/gui...
6. https://report.ico.org.uk/security-breach/