Information Commissioner's Office Recenzje 503

As other reviewer's have mentioned, this organisation is wilfully useless.

I was attacked by a neighbour, and then threatened by their police officer neighbour "coming round to sort me out". They then attacked me again, and a police officer did in fact come to my house and threaten me, as promised.

When I reported this to the police force concerned, without even bothering to find out who I was, or anything about the incident, the first officer I spoke to immediately informed me "Oh no, no officer would risk their job doing that!", and instantly dismissed my claim.

I was met with sexism, prejudice and derision throughout, and eventually made a formal complaint, all whilst being harassed and threatened by my neighbours. The police "professional standards department", who were neither professional, nor had any standards, sent me an almost threatening email during my complaint, which stated that they "had a copy of the body worn video by the police officer who had visited my house, and could watch it at any time."

I responded to this email, stating that they should be watching the body worn evidence, and should have watched it already, given that they were meant to be investigating this officer, and his actions when he visited me, and since they had repeatedly written to me stating that they were "thoroughly investigating my complaint", so what exactly were they doing otherwise.

I then put in a formal request for a copy of the body worn video evidence, and waited the standard 30 days for it to arrive.

Surprise surprise, after 30 days, no video was forthcoming. Months later, no video was forthcoming. When I queried this, I eventually received an email from the police force stating that no such video existed, the same police force that had emailed me months earlier stating that they "had a copy of the body worn video by the police officer who had visited my house, and could watch it at any time."

As per the law, I then made a complaint via the ICO, since the police force concerned had not sent me a copy of the video evidence as requested, and that video evidence had quite clearly existed, by their own admission, when I had requested it.

The police force concerned then proceeded to totally ignore the ICO for months and months, I think this went on for over a year at least in the end.

Eventually, the police force concerned replied to the ICO, and claimed that the police officer, and I quote "must have pressed delete instead of upload, and the video was never uploaded, so had never existed in their systems", completely contradicting their own email, which had been sent months after the video would have been uploaded.

The police force then proceeded to once again totally ignore the ICO, and basically do whatever they wanted. The ICO wrote to me and said that they could not keep pursuing the police, because the police were just ignoring them.

Really? So a police force just delete body worn video evidence of their officers going to people's homes and threatening them, and even send them emails stating that they "had a copy of the body worn video by the police officer who had visited my house, and could watch it at any time," proving that the video had in fact existed. It only ceased to exist when I requested a copy of it.

There is literally no purpose to this organisation. They clearly have no power, and any little they do they are not interested in using, and do not pursue the people they are meant to pursue. Which is exactly why the people breaking the law break it, since they know this organisation will not bother to pursue them. In my case this meant my continuing to have to live in fear for years, and having my pets immediately poisoned after I had dared to report these people to the ICO, and the ICO simply let them get away with it. I personally consider this negligence. Allowing this patently obvious abuse of position and power, instead of pursuing it, when the police had changed their story, and this was provable demonstrable fact, put me at risk, and I had to suffer the consequences. This is not okay.

Completely pointless. Horrific track record. Don’t waste your time. Get yourself legal advice instead.

Shockingly bad. Not fit for purpose.
A waste of time!! This is the overall aim of the ICO. Any decisions made by the ICO about an organisation are used to inform our own regulatory work.

My review took one year and 6 months.
The reviewing supervisor stated in a review of the case worker's work that nothing was wrong with that.
HERE IS COPY OF THE SUMMARY:
Unfortunately, we don’t guarantee to resolve matters to an individual’s satisfaction. Assessments we make are opinions rather than legally binding decisions or judgements. Definitive decisions about an individual’s rights can ultimately only be reached through the legal system which you have the right to take up independently of the ICO. A rather than being used to enforce an individual’s rights or evidence their own opinion.

They seem very busy

This company is a disgraceful waste of money that legally forces people to pay what they call a “data protection fee” even though they are not privy to or instrumental in any company data protection systems. Their fee can go as high as £2000 per year and the company receives no benefit whatsoever from these leeches.

ICO is a completely useless organisation. Without my permission, or knowledge premier inn withdrew a sum of money from my account. Eventually, I contacted ico and guess what, unsuprisingly they sided with premier inn.

ico has as much clout as a toothless newborn kitten.

Britain is a basket case with rogue government spin off departments

Cannot recall the precise date of this 'experience' yet ico emailed me in December 24 with their decision not to take any action against premier inn.

The ICO is an organisation that has legal powers to force organisations to pay an annual fee and which seems to be accountable to no-one and which adds seemingly little or no value to anyone. My company has no employees and processes virtually no personal information (I am a sole trader), and yet it has to pay their annual fee, for no benefit to anyone.

These people are completely useless. They have zero will power, desire or effect whatsoever in holding companies to account. They’re a complete waste of tax payers money. Give the consistent feedback of ONE star reviews, parliament should seriously reconsider what this organisation has been set up to achieve.

Brought to the attention ICO problems accessing personal data from a third party. I found them to be very unhelpful and obnoxious. They also told me they have no legal powers and if I can't resolve the problem by myself to take the matter. to court and can't afford. Not sure about thier purpose for exsistance as most Government quangos. So much for civil rights.

Absolute waste of time, took five months to respond and told me nothing despite Trust admitting breach, no consequences for them.....no wonder companies and Trusts do what they like with people's data!

If zero stars were an option ...

They contacted my employer, regurgitated everything my employer stated back at me -- without ever bothering to ask me or check any facts.

Complain to your MP, because this is a useless institution taking millions of taxpayer money & failing to do any useful job.

Is the information commissioners office actually independent though?

I filed a subject access request (SAR) as part of GDPR to a company - but they didn’t give me all of my data. I contacted the ICO who dismissed the case - I complained and they just dismissed the case.

What’s the point in having a government appointed ombudsman for data protection if they don’t do anything? It’s been extremely upsetting to receive emails from the ICO telling me they can’t and will not do anything for me. Dealing with the ICO has been an extremely frustrating and disappointing experience.

ICO Trustpilot one star rating is currently at 97%

Provided clear evidence that company is stealing from my bank in form of screenshots.
Have clear evidence company set up direct debits unlawfully according to GDPR consent principles.
Company refusing to give me proof according to GDPR burden of proof articles.

ICO: Well since they are denying, we can't do anything (??? what you exist for then, if you don't investigate)

ICO - You maintain that RingCentral is infringing upon data protection law because charging your account would have required it to process your personal data, and that you never gave your consent for this to be happen. However, this isn’t necessarily the case. While RingCentral must presumably have had your bank details on record on some point in order to make the charges, you wouldn’t be identifiable from them in isolation -

They used my bank details and I am not indentifable?

Pretty much told me to go bother ActionFraud (which is equally useless, as they won't do anything).
They carried they 'independent review' where next one day or two, investigator of ICO said Yep, I agree with everything ICO guy said - now go away.

Waste of time, nowadays you can get thieved from your bank account in daylight and no one will do anything.

I contacted them over a company ignoring an SAR. They investigated but because the company ignored them and didn’t respond to any communication they dropped the case. This is utterly unacceptable.
Update. My MP is now on the case and is taking action against them. He’s questioning why they take tens of millions in taxpayers funding and don’t do anything to justify it

Update - my brilliant MP (James McMurdock) is going after them both with the ombudsman and in parliament. They’re in for a very difficult time and well deserved.

Fraud Alert: Sky Account Scams & Security Concerns

Scam Overview

The phone number 07488 292880 is linked to an individual running a sophisticated scam operation, potentially based in the UK, using a mobile contract under Sky. This tactic creates the illusion of legitimacy, as the number appears to be associated with Sky Mobile.

The scam involves the following steps:
1. Phishing for Email Access: The scammer contacts you, pretending to represent Sky, and requests your email address.
2. Password Reset Exploitation: They initiate a password reset for your Sky email and persuade you to use a password they provide.
3. Account Hijacking: Once they gain access, they make purchases—such as phones, tablets, and accessories—using your account. They also extract personal data for fraudulent activities, including loans and credit applications.

How They Profit:
   •   Products purchased on your account are shipped to UK addresses for resale or international shipping.
   •   Personal information is sold and misused for financial fraud.

Risks for Victims:
   •   Financial Liability: If scammers make purchases on your Sky account, Sky may hold you responsible for the charges.
   •   Data Breaches: Your personal data may be sold and used to commit further fraud.

Security Recommendations:
   •   Never Share Passwords: Do not reset your Sky password based on instructions from unsolicited callers.
   •   Verify Callers: Be cautious of callers with foreign accents or unfamiliar numbers claiming to represent companies like Sky.
   •   Contact Sky Directly: If you suspect fraudulent activity, contact Sky directly through their official customer service channels.

Concerns About Sky’s Security Policies

A suggested security improvement—allowing password resets only via phone rather than email—has reportedly been declined by Sky. This policy leaves customers vulnerable to scams exploiting email-based password resets. Additionally, victims may be held liable for losses, despite being targeted through a company’s security loophole.

Broader Issues in Scam Prevention
1. Telecommunications Providers: Fraudsters exploit weaknesses in telecommunications systems by obtaining fake UK numbers from VOIP providers and telecom companies. These numbers are issued in bulk, potentially due to insufficient oversight by regulatory bodies such as Ofgem.
2. Regulatory Bodies:
      •   Ofgem: Responsible for telecommunications network security but appears to have gaps in enforcement.
      •   ICO (Information Commissioner’s Office): Allegedly reluctant to act against companies aiding in GDPR breaches.
      •   Action Fraud: Criticized as ineffective, often perceived as a superficial effort to address fraud.

Final Thoughts

This issue highlights systemic vulnerabilities in corporate security policies, telecommunications infrastructure, and regulatory enforcement. While individual vigilance is critical, organizations and regulators must take responsibility for mitigating these risks and protecting consumers from fraud.
I wouldn’t waste your time reporting any of these issues with Action Fraud as this is nothing more than a smoke screen to hide the facts they do not care about the illegal activity and they look at us public as nothing more than sheep, the ICO are the same and the telecommunications industry as a hole don’t care as long as they receive stolen money from scammers they do not care about receiving stolen money and refuse to take action to prevent such scams and fraud, they in-fact are happy to allow the Indian, Ghana scammers to use their infrastructure and assist in the theft of data and finances and are happy to receive stolen money.

This information is 100 percent true the government are fully aware and believe because the public are like sheep that we will not find out, what’s more they do not want to stop this illegal activity.

Useless, don't investigate anything, Valerie is not interested, she doesn't contact you. I had lots of data breaches in my nhs file and the nhs are not regulated. Nobody does anything. Useless and nhs know it.

Communication is very poor, and it seems they do not care. I question the purpose of this organization. They fail to take data breaches seriously even when they have identified them themselves.

Almost 100% negative reviews - and if most people could have given zero stars, they clearly would - the feedback speaks for itself, and it seems my experience with the ICO echoes what the majority of what other people have had to put up with. The first time I contacted the ICO was because I made a subject access request to a police force who took several months longer than the legally required 28 days to provide a SAR. The ICO said there was no case to answer - a staggering judgement from an organisation that are supposed to understand UK GDPR - I knew more about it than they did from reading the information online for less than 20 minutes - ironically from the ICO's own website. I appealed to the ICO against this first decision, and after several more months a more senior member of staff decided that indeed, several months is in fact longer than 28 days, and therefore I had been correct that the police had not complied with Data Protection Law - but that was it - they don't do anything other than say you'll need to take the police to court if you want any action against them. It feels like the ICO is part of a system that is designed to prevent the British public from exercising their rights. The ICO did decide in a couple of other instances that the police were breaking Data Protection law (again) - in that information that I'd requested in a SAR took around 11 months to be provided - but this was the only time the ICO provided a correct interpretation of UK GDPR (but they still didn't take action against the police). As part of the same issue I contacted the ICO to report another police force - for something far more serious: I'd sent the ICO written evidence (the police's own emails and the police's own report) showing that police had committed a number of serious data breaches - the police sent pretty much all of my personal data to a private company without my knowledge or permission - and further evidence that the police then concealed the fact that there had been a serious data breach (a criminal offence) after I made a Subject Access Request. It turns out that according to the police's own report that it was in fact one of the Police's own Data Protection Officers who had selectively removed information from a pack of emails that showed that the police had sent my personal data to a private company (name, address, DoB, gender, sexuality - essentially everything), before sending the information to me in a SAR. The ICO decided that there was no case to answer, primarily it seems because the police told them that there was no case to answer, no doubt aided by the ICO studiously ignoring the written evidence that I'd already sent to them. Eventually, and in the light of overwhelming written evidence (the police's own emails), the police admitted to the above (and eventually paid damages). It was only after I sent the incompetents at the ICO (who'd previously decided that the police had done nothing wrong) the written admission from the police, did the ICO respond to say the police had indeed committed a serious data breach - no sh*t Sherlock! - they just parroted back to me what I'd just sent them in the letter from the police - and then the ICO said that they weren't going to do anything further. The ICO say that they won't investigate issues - all they had to was read the evidence that was sent to them and they could not even be bothered to do that. It was not an issue of interpreting the law - it was clear that large amounts of data breaches had been concealed from me. Not following up with any action after the police admitted concealing the evidence of that data breach by hiding around 30 emails that should have been sent in a SAR was at least consistent behaviour from the ICO - they'd done nothing useful in the first place. The ICO is worse than useless in my experience - riddled with unaccountable incompetents, who can't even be bothered to read the clear evidence under their nose. In many ways their existence is worse than them not actually being there - they only serve to get in the way and mess things up, and clearly most of the people working there have a poor understanding of Data Protection Law, and they simply don't care about the truth. It's clear from the Trustpilot reviews and other reviews that there is a systemic failure with the ICO - and the same is true with the PHSO, who are supposed in look into complaints about the ICO - but then won't because they say that you can take the ICO to court to address any issues around the ICO. That's why the ICO say if you have serious complaints about them that you should complain to the PHSO. I don't think our politicians can care that these organisations are not fit for purpose - these bodies seem to work against the UK public who are they supposed to be working for.

Another totally useless Qango.
Why do they exist. When you advise them of a breach of your personal data they say you have to deal with the problem. All these organizations supposedly there to protect consumers are just set up , I presume by government to create the impression that there is some form of regulation when inn effect there is not.
My complaint was that I received a call from British Gas to whom I have not given any personal details and they had obtained my full name and personal mobile number and wanted to offer me a cheaper energy deal that turned out to be considerable more expensive than the daily charge and unit price than I pay but they claimed would cost me less than half of what I currently pay. Yes another energy company MIRICLE.
I think many consumers are conned into switching suppliers by these sort of tactics which end up costing more for us poor long suffering members of the public.

I object to my taxes propping up this paper tiger regulator. Everything you expect, you don't get. Everything you would imagine they would do- ensure your legal rights are upheld- they don't. I wanted two pieces of information from the NHS- after months of trying to get them they just ignored all correctly delivered SAR's. I referred to the regulator- 4 month wait for initial response. Didn't bother to understand the complaint and sent generic reminder to NHS. It was ignored, they sent another, then an urgent one. Nothing received. Now they are saying case closed- I can take the NHS to court to get my record if I want. Thanks for nothing! No wonder so many scandals emerge years after they could have done. Totally worthless regulator.