Complaints against Information Commissioner's Office

Jonathan Baines made this Freedom of Information request to Parliamentary and Health Service Ombudsman

This request has been closed to new correspondence from the public body. Contact us if you think it ought be re-opened.

The request was successful.

Dear Parliamentary and Health Service Ombudsman,

Please disclose how many complaints you have received relating to the Information Commissioner's Office since January 2016, and information on how many you have upheld. If you have case summaries for the complaints, please also disclose them.

Yours faithfully,

Jon Baines

informationrights@ombudsman.org.uk, Parliamentary and Health Service Ombudsman

Thank you for contacting the Parliamentary and Health Service Ombudsman’s (PHSO) Freedom of Information and Data Protection Team. This is to confirm we have received your request.
If you have made a request for information under the Freedom of Information Act 2000 or Environment Information Regulations 2004, we will respond to your request within 20 working days in accordance with the statutory time frames set out in both Acts.
If you have made a request for personal information held by the PHSO, your request will be processed as a Subject Access Request under the provisions of the Data Protection Act 2018 and will be responded to within one calendar month in accordance with the statutory time frame set out in the Act.
We may contact you before this time if we require further clarification or if we need to extend the time required to complete your request.
For Subject Access Requests, we will send any personal information via secure email, unless you instruct us differently. To access the information on the email we send, you will need to sign up to our secure email service. Details can be found on our website using the link below:
www.ombudsman.org.uk/about-us/being-open...
If you require us to post your personal information to you instead you will need to inform us of this and confirm your current address as soon as possible.

______________________________________________________________________
This email has been scanned by the Symantec Email Security.cloud service.
For more information please visit http://www.symanteccloud.com
______________________________________________________________________

InformationRights, Parliamentary and Health Service Ombudsman

3 Attachments

Dear Mr Baines

 

RE: Your information request: R0000390

                            

I write in response to your email regarding your request to the
Parliamentary and Health Service Ombudsman (PHSO) for information which
has been handled under the Freedom of Information Act 2000.

 

Please find a table below providing the number of ICO complaints received
and investigations concluded from January 2016 to present. Please note
there were no upheld/partly upheld complaints regarding the ICO for this
period.

 

Information Complaints Investigations Upheld Partly Not Discontinued
Commissioner Received concluded upheld upheld
January-March 
2016 33 2  0 0 2  0
2016/17 128 5 0 0 5 0
2017/18 167 6 0 0 5 1
2018/19 year
to date 116 3 0 0 1 2

 

We do not centrally record case summaries for these cases. To gather this
information would require the manual task of accessing each case file to
ascertain if a case summary is held with an additional task of redacted
personal information. This would be an extremely labour intensive task and
could not be undertaken without incurring disproportionate cost. Section
12(1) of the Act has therefore been applied to this element of your
request.

 

If you believe we have made an error in the way I have processed your
information request, it is open to you to request an internal review.  You
can do this by writing to us by post or by email to
[1][Parliamentary and Health Service Ombudsman request email]. You will need to specify that the
nature of the issue is and we can consider the matter further. Beyond
that, it is open to you to complain to the Information Commissioner’s
Office ([2]www.ico.org.uk).

 

Yours sincerely

 

Freedom of Information/Data Protection Team

Parliamentary and Health Service Ombudsman

W: [3]www.ombudsman.org.uk

 

Follow us on

[4]fb  [5]twitter  [6]linkedin

 

______________________________________________________________________
This email has been scanned by the Symantec Email Security.cloud service.
For more information please visit http://www.symanteccloud.com
______________________________________________________________________

References

Visible links
1. mailto:[Parliamentary and Health Service Ombudsman request email]
2. http://www.ico.org.uk/
3. http://www.ombudsman.org.uk/
http://www.ombudsman.org.uk/
4. http://www.facebook.com/phsombudsman
5. http://www.twitter.com/PHSOmbudsman
6. http://www.linkedin.com/company/parliame...

Dear InformationRights,

Thanks for the response. However, the table you supplied does not render well on the "WhatDoTheyKnow" webpage, and it is very difficult to see which field corresponds to which heading. Please could you resend either as a dataset, or at least as a pdf file?

Many thanks,

Jon Baines

Informationrights@ombudsman.org.uk, Parliamentary and Health Service Ombudsman

Thank you for contacting the Parliamentary and Health Service Ombudsman’s (PHSO) Freedom of Information and Data Protection Team. This is to confirm we have received your request.
If you have made a request for information under the Freedom of Information Act 2000 or Environment Information Regulations 2004, we will respond to your request within 20 working days in accordance with the statutory time frames set out in both Acts.
If you have made a request for personal information held by the PHSO, your request will be processed as a Subject Access Request under the provisions of the Data Protection Act 2018 and will be responded to within one calendar month in accordance with the statutory time frame set out in the Act.
We may contact you before this time if we require further clarification or if we need to extend the time required to complete your request.
For Subject Access Requests, we will send any personal information via secure email, unless you instruct us differently. To access the information on the email we send, you will need to sign up to our secure email service. Details can be found on our website using the link below:
www.ombudsman.org.uk/about-us/being-open...
If you require us to post your personal information to you instead you will need to inform us of this and confirm your current address as soon as possible.

______________________________________________________________________
This email has been scanned by the Symantec Email Security.cloud service.
For more information please visit http://www.symanteccloud.com
______________________________________________________________________

InformationRights, Parliamentary and Health Service Ombudsman

1 Attachment

Dear Mr Baines

Thank you for your reply.

Please find attached a copy of our response as a PDF document as requested.

Yours sincerely

Freedom of Information/Data Protection Team
Parliamentary and Health Service Ombudsman
W: www.ombudsman.org.uk

show quoted sections

Dear InformationRights,

Many thanks for your prompt attention.

Yours sincerely,

Jon Baines

Informationrights@ombudsman.org.uk, Parliamentary and Health Service Ombudsman

Thank you for contacting the Parliamentary and Health Service Ombudsman’s (PHSO) Freedom of Information and Data Protection Team. This is to confirm we have received your request.
If you have made a request for information under the Freedom of Information Act 2000 or Environment Information Regulations 2004, we will respond to your request within 20 working days in accordance with the statutory time frames set out in both Acts.
If you have made a request for personal information held by the PHSO, your request will be processed as a Subject Access Request under the provisions of the Data Protection Act 2018 and will be responded to within one calendar month in accordance with the statutory time frame set out in the Act.
We may contact you before this time if we require further clarification or if we need to extend the time required to complete your request.
For Subject Access Requests, we will send any personal information via secure email, unless you instruct us differently. To access the information on the email we send, you will need to sign up to our secure email service. Details can be found on our website using the link below:
www.ombudsman.org.uk/about-us/being-open...
If you require us to post your personal information to you instead you will need to inform us of this and confirm your current address as soon as possible.

______________________________________________________________________
This email has been scanned by the Symantec Email Security.cloud service.
For more information please visit http://www.symanteccloud.com
______________________________________________________________________

phsothefacts Pressure Group left an annotation ()

Zero cases upheld against ICO and in return ICO don’t uphold against PHSO. Cosy as long as you are inside the club.

Jt Oakley left an annotation ()

I’ve found a very unduly ‘supportive’ relationship between the PHSO and the Information Commissioner’s Office - having to take taking that ‘relationship’ to court ...and winning.

Simply because the PHSO’s instruction was taken by the Information Commissioner’s Office that it should NOT investigate my evidence. It’s officer stated that it was ‘out of it’s remit’.

That proved to be wrong - but the suspicion remains that the PHSO drives the Information Commissioner’s Office and so quid pro quo is at work.

*The PHSO investigates complaints against the Information Commissioner’s Office .

===

I’d made a complaint to the PHSO about the Information Commissioner’s Office on the grounds that the ICO investigator hadn’t passed my complaint to the organisation I was complaining about, which stated the information didn’t exist.
Logically it had to.

- This was according to my ICO SAR.

What made a difference was that I got the information that the organisation had previously stated didn’t exist.
- But NOT via the Information Commissioner’s Office.

So I made a complaint to the PHSO, as I thought that the investigator should have at least of spelt out what I was asking for to the organisation concerned.. Particularly as I’d stated what was missing more than three times to the Information Commissioner’s Office.

The PHSO then backed the Information Commissioner’s Office.

So apparently the Information Commissioner’s Office need not pass on details of a complaint to the organisation complained about.

The only reason that the PHSO could suport tye ICO would be that the investigator HAD sent the complaint to the organisation - but the person who had provided my ICO SAR had not included it in the response to me.

- So now I’m left having to ask the Information Commissioner’s Office why he didn’t fulfill my SAR.

Fedupface

==

The rule is really - Don’t bother.

Because the phsothefacts comment above is more or less accurate.

The two organisations don’t really ‘do’ complaints against each other and that means you have to go to court to obtain justice.

- Luckily the Tribunal judges are fair ...and make good legal judgements in cases where these two organisations are concerned - but it’s a long haul to obtain justice.

M Boyce left an annotation ()

Jt Oakley

You make an excellent point about the mutual back-rubbing between the PHSO and the ICO. There is a fundamental conflict of interest when the ICO is tasked with investigating the PHSO, and vice-versa. A stitch-up of a complainant is guaranteed.
I must take issue with your statement that the Information Tribunal (both FTT and UTT) are always fair in their decisions. Whether you get a fair decision is at least partly dependent on luck - it depends on who is sitting on that particular tribunal in any one case. This is a serious accusation and it is not made without evidence. In terms of section 42 of the FOIA different tribunals have come up with entirely diametric views on whether section 42 is an absolute exemption in practice or not. Like the ICO, some regard that the disclosure of withheld information can only happen in very exceptional cases, whilst others say that disclosed information should be disclosed if the evidence for disclosure is strong - this may turn out to be very exceptional, but it is not predicated on a deterministic assertion that cases HAVE TO BE very exceptional. This argument may sound rather semantic, but it is vital in understanding that where discretion is used then everyone's discretion is different. If the ICO and all tribunals adhered to what is actually stated in the FOIA legislation on section 42, instead of effectively altering this legislation in an entirely personally interpretative way, then there might be fairness on this issue. This has not happened in the past.

Jt Oakley left an annotation ()

Thank you M Boyce.

You’re right of course.

And once discretion enters the picture, so does bias.

=

I had a bit of luck with the timing, in that the PHSO botched up my complaint so badly..determined by its own eminent legal expert, that it eventually paid me £500.

Don’t think ANY court could have ignored that as evidence.

=

But, in general, I think the standard of Information Commissioner’s Office complaint handlers has dropped.
Probably due the need to recruit people quickly, as the work expands.

Generally the staff used to be very good and try hard to evaluate a complaint.
Now it seems they don’t even bother to read it. Let alone go the extra step.

Probably through lack of expertise, it’s a complicated thing to understand the FOIA.

For instance, one caseworker went on and on about her health worries and complained about the Information Commissioner’s Office’s technology .

Sympathetic I may have been - but she was eating up the time to understand the case. Which she didn't.

==

But, agreed .. the cosy relationship between the Information Commissioner’s Office and PHSO should be broken and independent investigators appointed.

M Boyce left an annotation ()

Yes you are certainly right about standards slipping, and that applies as much to the PHSO case officers as it does to the ICO. The ICO don't need to worry if they are careless or biased because if someone takes their case to tribunal what impact does that have on the ICO? They usually win (FTT bias), and if they loose then there is absolutely no come back on them.
There can be no fairness in decision making if there is no accountability, and the ICO is accountable to no one, and therefore it does whatever it wants with total impunity.

Jt Oakley left an annotation ()

Apparently the PHSO now upholds just three percent of its cases.

Meaning the 97 percent of the public are wrong.

It’s the easiest action to take - just dismiss a complaint.

Make the complainant go to court, to seek a judicial review, which probably around 97 percent of people can’t afford.

So you’re right again. They don’t fear any comeback. No one loses their job.

...Yet they waste £kkkkk’s of public money. And let the systems they are supposed to put right. continue to fail.

- Although in my case, I was most amused to read that the PHSO officer told the PHSO board it was all the Information Commissioner’s Office ‘s fault they lost in court. Tsk.

=

Now wondering if there has also been a consequent drop in Information Commissioner’s Office upheld complaints.

J Roberts left an annotation ()

A recent FTT decision concerning how PHSO handled a complaint about ICO:

http://www.bailii.org/uk/cases/UKFTT/GRC...

"9. During the Information Commissioner’s investigation PHSO made no further reference to the s 44(1)(a) exemption and did not maintain its application to any elements of the request."

"36. On this basis we conclude that PHSO breached s 1 FOIA."

"39. We can understand why Mr Adedeji has formed the impression that PHSO was substantively reviewing the Commissioner’s decision, but that is not something that is within PHSO’s powers. The PHSO’s role is not to assess whether the ICO correctly interpreted the DPA, but, for example, to assess whether it followed proper administrativeprocedures in relation to his complaint)."

"46. Having reviewed the documentation already provided, we think it is highly unlikely that PHSO are deliberately concealing any further manuals or procedures which set out how information should be recorded. "

M Boyce left an annotation ()

The PHSO concealing information? Surely not!

Jt Oakley left an annotation ()

It’s ‘administrative procedures’.

1. Receive a defensive letter from Information Commissioner’s Office .

2. Copy and paste.

3. That’s it.

phsothefacts Pressure Group left an annotation ()

What does this mean? "The PHSO’s role is not to assess whether the ICO correctly interpreted the DPA, but, for example, to assess whether it followed proper administrative procedures in relation to his complaint)."

Surely proper administrative procedures would include the correct interpretation of the DPA? Are they saying that PHSO can only look at the way ICO handled the complaint and not the grounds for the complaint? Crazy stuff and nonsense!

Elvis Panatello (Account suspended) left an annotation ()

The system is set up with it in mind that an aggrieved person who has been affected by maladministration/misconduct at the hands of a public body will never get a fair hearing. The public body knows that they can deal with an aggrieved person's concerns in a blatantly unfair an biased way because when and if the matter escalates to an appeal, the public body overseeing the appeal will play the "we are only permitted to review the procedure" card, and that's when you realise you've been had.

J Roberts left an annotation ()

I've requested a copy of the Commissioner's decision notice, which is not available on the ICO website:

https://www.whatdotheyknow.com/request/d...

Jt Oakley left an annotation ()

What they mean is that PHSO caseworkers (and upwards) don’t make decisions on whether the the ICO has investigated the case and made the decision according to the point of law raised in your complaint.

Because, in neither organisation, caseworkers and their line management are not lawyers.

Not their ‘bag’ as it were.

BUT Since the Information Commissioner’s Office is tasked with being the public defender of the FOIA and DPA/ GDPR, you might think ICO caseworkers might ask a lawyer to explain WHY they are ignoring the legal points of your complaint in its appraisal of it.

Not so.

==

Your complaint was :

’This organisation has broken the law, and here’s the evidence of how they broke it’

Some caseworker decisions now bizarrely amount to ‘feelings’, rather than fact.

It’s so bad that I now preface my complaint with:

‘I’d be grateful if you would stick to the law in evaluating my complaint, not ascribe your personal opinion to it’.

The next stages of a ICO complaint always seem to stick with non-legal point involvement.

Still targets are targets ...and they must be hit.

==

The Maladministration

What the PHSO caseworker is looking at is if ICO followed its own internal procedures to investigate your complaint.

Which aren't exactly clear.

And which is why I keep asking for the INTERNAL GUIDE given to caseworkers, rather than referring to the law.

Because that is where any maladministration lies.

When asked to provide these internal guides, some ICO FOIA respondents give you a internet link to the Acts instead.

(....Which also presumes that the Information Commissioner’s Office have no copies of the laws that it upholds on its database. How does that work?)

Useless because the specifically quoted legal paragraphs in the Acts that you have patiently researched and quoted - to be relevant to investigating your complaint, can be safely ignored in the complaints process too.

==

So it’s pointless to try and quote them to the PHSO as a ‘failure to investigate the complaint’, even though THAT IS the basis of your complaint.

It is the internal Information Commissioner’s Office ‘procedure and processes’ compliance that the PHSO caseworker determines in its maladministration investigation.

So, as PHSO caseworkers are not lawyers, they just ‘cut and paste’ what the ICO states to it in its response to them, gives it a few box ticks ...and passes on.

Simply because the Information Commissioner’s Office IS the legal authority.

Still targets are targets ...and they must be hit.

==

And that is then circular process which allows both ICO and PHSO to neglect the ‘why’ of your complaint.

J Roberts left an annotation ()

ICO have provided an explanation why the DN was not available - human error. There is also something wrong about the reference number. Further information available here:

https://www.whatdotheyknow.com/request/d...

DN available here:

https://webarchive.nationalarchives.gov....

"12. Firstly, the Commissioner wishes to point out that it is not within the remit of the PHSO to “assess” any alleged breachesof the DPA; this is the remit of the ICO. The PHSO will only consider whether the ICO has handled the particular complaint referred to it in accordance with its own policies and procedures and treated the complainant fairly."

Jt Oakley left an annotation ()

That’s typical.

Whatever stance the two organisations take they back up each other.

=

In my case complained the bank was withholding the data I requested three times.

The Information Commissioner’s Office Devin was that that I should ask the bank FOURTH time.

Yes,me, myself. It wasn’t going to ask for the data,

=

My complaint was that having already asked for the same information three times, the Information Commissioner’s Office should ask the bank for it.

Reading the SAR, the Information Commissioner’s Office NEVER Asked the bank for the information.

I was so shocked that couldn’t believe it.

So checked twice with the SAR department that they had provided all the data.

They insisted that they had.

==

So the complaint to the PHSO was that the Information Commissioner’s Office, by neglecting to ask the bank for the disputed Information had not gone through its own processes.

(Then I got the withheld Data.. which didn’t previously exist)

==

The PHSO ruled that the Information Commissioner’s Office had COMPLIED with its own processes in NOT asking the bank for the disputed data.

==

This wouldn’t be that bad , as the relationship between the two organisations is predictable —but the Information Commissioner’s Office went on to repeat this on another complaint in Data farming.

I wanted to know why an insurance company - with which I had no dealings - ( and wanted none) had my personal Data and was using it to target me.

The crux of the matter was the signed document supposedly had my signature in the firm of a X was given to the insurance company.

So I asked the Information Commissioner’s Office to ask for the document to find the source and who was farming my information ...and passing it to the insurance company.

Again, reading the SAR, the Information Commissioner’s Office DIDN'T ask for the X document.

So I’ll never know who was passing my personal information to whom.

==

I really can’t understand why the Information Commissioner’s Office didn’t the complained about organisations to provide the crucial evidence, TWiCE.

ONCE is careless - but twice is internal strategy.

==

It is now my opinion that a single complainants are just fobbed off by the easiest route possible, even if that means ignoring the documents at the centre of the complaint and must logically exist.

The Information Commissioner’s Office seems to only want cases where a NUMBER of complainants are concerned.
Presumably:

1. To hit targets.

2. For publicity in the press, tv etc.

QED

There is no point in making a complaint that data is being withheld, as apparently it’s not within the Information Commissioner’s Office processes to ask the organisation:

1. Does it exist?

2.Can the organisation supply it?

- That’s far from the ideals and processing that the Information Commissioner’s Office used to have.

J Roberts left an annotation ()

Complaints about the ICO handled by the PHSO for 2018/19:

Enquiries received 173

Complaints assessed 83

Complaints accepted for investigation 3

Investigation NOT upheld 1

Investigations discontinued 2

https://www.whatdotheyknow.com/request/c...

Nothing upheld or partly upheld.

Jt Oakley left an annotation ()

Of course.

The PHSO assesses complaints against the Information Commissioner’s Office .

And the Information Commissioner’s Office investigates Complaints against the PHSO.

Quid quo pro.