Summary: We will not investigate Miss X’s complaint. This is because her complaint about data matters is best considered and decided by the Information Commissioner’s Office and there is no sign of fault in the Council’s decision not to consider her data complaint via its corporate complaints procedure.

The complaint

1. Miss X complains the Council committed data breaches in wrongly disclosing sensitive personal data relating to her and her partner with her ex-partner. She also complains about the Council’s decision not to consider her complaint about it via its corporate complaints procedure.

Back to top

The Ombudsman’s role and powers

2. We investigate complaints about ‘maladministration’ and ‘service failure’, which we call ‘fault’. We must also consider whether any fault has had an adverse impact on the person making the complaint, which we call ‘injustice’. We provide a free service, but must use public money carefully. We do not start or continue an investigation if we decide:

• there is not enough evidence of fault to justify investigating, or
• there is another body better placed to consider this complaint. (Local Government Act 1974, section 24A(6), as amended, section 34(B))

3. We normally expect someone to refer the matter to the Information Commissioner if they have a complaint about data protection. However, we may decide to investigate if we think there are good reasons. (Local Government Act 1974, section 24A(6), as amended)

Back to top

How I considered this complaint

4. I considered information provided by the complainant and the Council.
5. I considered the Ombudsman’s Assessment Code.

Back to top

My assessment

6. Miss X complained to the Council that it wrongly disclosed sensitive personal information about her and her current partner to her ex-partner.
7. The Council did not uphold Miss X’s complaint. It signposted her to the Information Commissioner’s Office (ICO) if she was dissatisfied with its response.
8. Miss X asked the Council to escalate her complaint to stage two of its complaints procedure. The Council explained it had responded to her complaint outside of its corporate complaints procedure because complaints about data matters, such as this, are excluded from its complaints procedure. It said it had responded fully and reiterated its signposting to ICO and to this office.
9. We will not consider Miss X’s complaint about alleged data protection breaches by the Council. This is because it is about data matters best considered and decided by the ICO as per the Council’s signposting. It is the body set up to consider data matters and it is best placed to consider it.
10. We will not investigate Miss X’s complaint about the Council’s decision not to consider her complaint via its complaints procedure. This is because there is no sign of fault in the Council’s decision. As set out in the Council’s response, its published Customer Feedback and Complaints Policy sets out matters which are excluded from its complaints procedure and this includes complaints about data protection matters. The Council has acted in line with this.

Back to top

Final decision

11. We will not investigate Miss X’s complaint because the data matters raised in the complaint are best considered and decided by the ICO and because there is no sign of fault in the Council’s decision not to consider her data protection complaint via its complaints procedure.

Back to top

Investigator's decision on behalf of the Ombudsman