London Borough of Hillingdon (15 007 464)

Category : Other Categories > Elections and electoral register

Decision : Not upheld

Decision date : 05 Nov 2015

The Ombudsman's final decision:

Summary: Mr X complains the Council released his electoral details to private companies without his consent. The Ombudsman will not investigate as there is a legal remedy Mr X can pursue and it is reasonable to expect him to do so.

The complaint

  1. Mr X complains the Council released his electoral details to private companies without his consent.

Back to top

The Ombudsman’s role and powers

  1. The Ombudsman investigates complaints about ‘maladministration’ and ‘service failure’. In this statement, I have used the word fault to refer to these. She must also consider whether any fault has had an adverse impact on the person making the complaint. I refer to this as ‘injustice’. She provides a free service, but must use public money carefully. She may decide not to start or continue with an investigation if she believes:
  • the fault has not caused injustice to the person who complained, or
  • the injustice is not significant enough to justify her involvement, or
  • there is another body better placed to consider this complaint.

(Local Government Act 1974, section 24A(6))

  1. The law says the Ombudsman cannot normally investigate a complaint when someone could take the matter to court. However, she may decide to investigate if she considers it would be unreasonable to expect the person to go to court. (Local Government Act 1974, section 26(6)(c))

Back to top

How I considered this complaint

  1. I have considered the information Mr X has provided to the Ombudsman. This includes details of his complaint to the Council, the Council’s response and the Information Commissioner’s decision about his complaint.

Back to top

What I found

  1. If a person believes they have been affected by the way an organisation has handled their personal information they may refer the matter to the Information Commissioner. (Data Protection Act 1998, section 42)
  2. The Information Commissioner will consider whether there has been a breach of the Data Protection Act 1998 and may take enforcement action if this is deemed necessary. The Information Commissioner will consider whether the breach has caused or is likely to cause any person damage or distress. However the Information Commissioner does not recommend any financial remedies although they may fine an organisation which is found to have breached the Act.
  3. An individual who “suffers damage” as a result of a breach of the Act is entitled to compensation. Compensation can be claimed from the organisation found to have breached the Act. This is usually done through the county courts. (Data Protection Act 1998, section 13)

What happened

  1. Mr X complains the Council shared his personal details with private companies despite him ‘opting’ out of having his details available on the electoral roll. Mr X says he received large amounts of junk mail and was distressed to find his personal data for sale on line. Mr X seeks compensation for this distress and the time he has spent trying to resolve this matter.
  2. Mr X complained to the Information Commissioner’s Office (ICO). The ICO found the Council had breached the Data Protection Act in that it released personal data about Mr X. The ICO was satisfied this was a technical problem and will not recur as the Council no longer uses the same system. The ICO also noted that the private companies in question have removed Mr X’s details from their databases. The ICO therefore proposed no further action.
  3. The ICO said the Council had not sold Mr X’s information to private companies. Instead it had passed inaccurate information about Mr X to credit reference agencies (i.e. that he had opted to have his details available on the electoral role). It was these agencies who sold Mr X’s details on to other parties based on the information provided by the Council.
  4. Mr X says it is important the Council “rectifies its mistakes” and says the Council should be compelled to contact all parties who may have received his information. He also says the Council should contact everyone whose information was shared and inform them there has been a breach of the Data Protection Act 1998.
  5. Mr X says the Council should compensate him for the distress this has caused him and his time dealing with the complaint.

My findings

  1. The ICO has already considered Mr X’s complaint about the way the Council dealt with his personal information. Therefore it would not be appropriate for the Ombudsman to consider this complaint again and make further recommendations over and above those already made by the ICO.
  2. The ICO has no power to award or recommend compensation for those who have been affected by a breach of the Data Protection Act 1998. However there is a legal remedy set out in the Act which people can use if they wish to claim compensation for distress. I see no reason why Mr X cannot take court action against the Council if he is seeking compensation.

Back to top

Final decision

  1. I have discontinued my investigation into this complaint as the ICO has already considered it and there is a legal remedy open to Mr X if he wishes to claim compensation.

Back to top

Investigator's decision on behalf of the Ombudsman

Print this page