Agree with that analysis. Similar weaknesses with Data Protection Commissioner’s Office due to backlog of cases ... the bank’s know to ‘play the game’ and they can say what they want..
in this instance the bank’s management claimed to DPC that important documentation/ notes on file regarding customer instructions were temporary in nature (post its/ verbal messages) and were not available ...
Fortunately the customer was able to show that the call centre staff actually sent emails to relevant departments per recorded calls and did not use post-it’s!
The process with ODPC and FSPO takes years. They are slow to act - possibly due this the large fees that pay their salaries from the banks. At each occasion when bank is proven to have intentionally misled the investigation, they simply claim that now the bank has corrected the error. Fortunately - one learns to be persistent
Fortunately the customer was able to show that the call centre staff actually sent emails to relevant departments per recorded calls and did not use post-it’s!
This would typically be by internal system email etc.
What has the DPC done? You can now sue for failure to comply with data protection law without having to prove damagesThe bank denied most data even existed. That’s the main issue
Any more happening here?The ODPC are very slow. Maybe they are busy. The get replies from bank and send to me for comment. I comment and they send to bank. I get ‘drip fed’ with additional data - which the bank originally denied existed and then was ‘found’. I think the commissioner’s office is reluctant to investigate as the bank pay a big registration fee. I complained to ODPC and the case starts ab initio.