Canterbury City Council – Dismissed (United Kingdom, 2019)
General GDPR enforcement action
This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.
Canterbury City Council refused to share complaints about a property, saying it would violate privacy rules. The Information Commissioner's Office decided that the information was actually the complainant's own data since they had lived there. This case shows that individuals can access their own personal information even if it involves complaints from others.
What happened
Canterbury City Council withheld information about complaints regarding a property, claiming it was personal data of third parties.
Who was affected
The complainant, who owned or occupied the property in question, was affected by the Council's refusal to disclose the information.
What the authority found
The Information Commissioner's Office ruled that the information was the complainant's own personal data and should be disclosed.
Why this matters
This decision highlights that individuals have the right to access their own data, even when it involves third-party complaints. Small businesses should ensure they understand how personal data requests work.
GDPR Articles Cited
View original scraped data
Original data from scraper before AI verification against source document.
National Law Articles
The complainant has requested the disclosure of information about complaints in respect of a specified property over a defined period of time. Canterbury City Council (“the Council”) withheld the information because it considered that the information within scope was the personal data of third parties and that disclosure would breach the GDPR principles. The complainant challenged the decision before the ICO. Are the information contained in the complaints sensitive personal data? Would a disclosure to the word art large and not to the complainant only, contravene GDPR principles ? The Commissioner’s decision is that, as the complainant and his family have either owned or occupied the land in question during the time period specified, all the information falling within the scope of the request is in fact the complainant’s own personal data. The ICO has therefore applied Regulation 5(3) of the Environmental Information Regulations 2004 (EIR) which prevents disclosure to the world at large of information including personal data. Also, the ICO considered that the personal data at issue were criminal offence data about the complainant, as described by Article 10 GDPR, and not special category of personal data, as described by Article 9 GDPR. The complainant requested information about members’ registers of declaration of interest. Snowdonia National Park Authority (‘the Authority’) withheld the information requested under section 40(2) of the FOIA. This provision applies as an exemption to the principle of disclosure, if there is third party personal data concerned. The Commissioner found that the Authority had incorrectly applied section 40(2) to the request. The Commissioner required the public authority to disclose the information requested by the complainant, namely, the previous copies of the members’ registered of declaration of interest. The Commission found that the information comprised declaration of personal interest forms completed by members of the
Outcome
Dismissed
The complaint or investigation was dismissed.
Related Enforcement Actions (0)
No other enforcement actions found for Canterbury City Council in UK
This is the only recorded action for this entity in this jurisdiction.
Details
About this data
Cite as: Cookie Fines. Canterbury City Council - United Kingdom (2019). Retrieved from cookiefines.eu
Last updated: