We're aware that some users are experiencing technical issues which the team are working to resolve. See the Community Noticeboard for more info. Thank you for your patience.
📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!

PPI - from 2003

Options
13»

Comments

  • good-samaritan
    good-samaritan Posts: 19 Forumite
    Hello Magpiecottage - thanks for your post regarding archive data retrieval, this is now very interesting to me. From your personal experience of archives and microfiche, do you have any substantive information that could indicate client data could be retrieved without provision of an account number. If it can be shown that Black Horse do have the facility to retrieve files without an account number, this would represent a massive leap forward for consumers that are currently being denied any access to justice.

    Equally, do you have any personal experience of similar archive systems where retrieval has been made possible using newer technology applied to the old archive. If you are able to provide any insight into this issue then you would be helping consumers on a massive scale. This is an issue outside my sphere of knowledge and the ICO have been unable to assist with any application of Data Protection disclosure obligations.

    A very similar situation happened with Yorkshire/Clydesdale who stated that they did not have any historic records - so refused to investigate older complaints. It was proven that this was not the case and that they were just not looking hard enough and in the right place - the FCA fined them £20 Million and they are now having to re-process huge numbers of older claims that they tried to ignore. However, C/Y could retrieve without account number so not an identical situation to BH.

    The BH situation is unique at the moment - no other firm is doing this in admitting that they do have records back to the 80's but stating that they can only be retrieved with a/c ref.

    If you can offer any information then you would be helping on a scale that applies to numbers of consumers which you would not believe!
  • magpiecottage
    magpiecottage Posts: 9,241 Forumite
    1,000 Posts Combo Breaker
    I cannot say categorically what Lloyds situation was. It was probably different for each subsidiary.

    What the Data Protection Act says is that a Data Subject Access Request enables an individual to obtain any data held on them in a "relevant filing system".

    "Relevant" is not specified precisely because it means "relevant to what the data subject tells the data controller". So if they tell them only their name, that might be all that is need. I have a friend who is the only person in the world with her name. I think she might well be the only person with that name who has ever existed.

    On the other hand, there are currently about 1,500 people in the UK who share my name (at one time, including my own boss!) so it would not be enough.

    If documents are only held by account number, as in the case of Black Horse, then your name is relevant to the search only for the purposes of verifying that the records really do relate to you before they are disclosed.

    The rules also state only that information which could be retrieved by a reasonably competent temp without specialist knowledge of the Data Controllers systems could find.

    So, for example, I might be able to interrogate my erstwhile employer's systems using knowledge from 30 years ago and work out what somebody's account number was and order the microfiche. However, a temp could not and it is doubtful anybody working there now could. So that would not be expected.

    Could the old microfiche be looked at by a computer to find the information?

    In theory, yes but there are problems. To do this you would, in effect, need to scan the whole lot in and that is probably millions of accounts each with many pages of record, so it would take ages to do.

    You would then need to run optical character recognition on each and hope it worked.

    However, not only would this take an enormous amount of time and effort but you have a legal issue.

    Each of those records is somebody's personal data and you would now be processing it in a way that they never gave permission for you to process it.

    If they are still alive, you need to get their permission BEFORE you process it. You do not know who is dead and who is alive, though.

    No do you know their names and addresses and, since you can't put it into a computer system until you have obtained permission, you would have to go through the files manually then write to each.

    Since no response could be because the address is out of date, rather than that they were dead, you could only do this on those people who actually responded positively.

    So to all intents and purposes it would be impossible.
  • good-samaritan
    good-samaritan Posts: 19 Forumite
    Thank you anyway for the comprehensive update. Still all very interesting and useful to know for other situations.
This discussion has been closed.
Meet your Ambassadors

🚀 Getting Started

Hi new member!

Our Getting Started Guide will help you get the most out of the Forum

Categories

  • All Categories
  • 351K Banking & Borrowing
  • 253.1K Reduce Debt & Boost Income
  • 453.6K Spending & Discounts
  • 244K Work, Benefits & Business
  • 598.9K Mortgages, Homes & Bills
  • 176.9K Life & Family
  • 257.3K Travel & Transport
  • 1.5M Hobbies & Leisure
  • 16.1K Discuss & Feedback
  • 37.6K Read-Only Boards

Is this how you want to be seen?

We see you are using a default avatar. It takes only a few seconds to pick a picture.
Update Your Picture