Or words to that effect. My god what an ignorant bunch of people in that office.
As you may be aware the Data Protection Commissioner’s Office investigated Bank of Ireland’s losing of four laptops. BOI won’t publish the report. I tried to do an FOI to get details of this report but was told rather smugly by their media person “You can’t find details of our FOI Officer because we don’t have one. We don’t come under FOI.” It was suggested I send in a request anyway and they’d consider it. So I did and it’s below. Their answer came back two hours later, which is also below. They really considered it for a while didn’t they?
Thanks for the call. What I was looking for and which I wrongly assumed I could get under FOI was the report sent to Bank of Ireland about their laptop thefts. RTE last week reported that the Data Protection Commissioner’s Office delivered a report to Bank of Ireland which included recommendations to prevent future data loss. Bank of Ireland said they would not release that report. I was looking for said report but obviously with the commercially sensitive information removed. I doubt that all the report is giving away BOI’s IP.
I also wanted to get details of the costs involved in putting that report together. Numbers of staff and manhours involved.
And the reply:
As you are aware, no regulations are currently in force specifying this office as a body to which the Freedom of Information Acts apply. As a matter of good practice and with due regard to the privacy of the parties involved, we endeavour to keep both data subjects and data controllers informed of the progress of investigations. This does not apply to your request. Having reviewed your request, I won’t release any of this information to you.
I made it very clear that I wanted non commercially sensitive information. Suddenly everything is commercially sensitive?
Why is the Data Protection Commissioner using taxmoney to write reports for non-Government organisations and then refusing to disclose a single sentence in the report? Were they under FOI they’d have to disclose everything in it that is not commercially sensitive and even then it can be argued with appeals.
What’s worse is the DPC refuses to disclose the work and costs involved in creating this report. I think the public have a right to know at least this. How is this information breaching privacy? It’d be nice to see how much money was spent on behalf of Bank of Ireland’s screwup. Bank of Ireland’s profit before tax was €1.93 billion for the year ended 31 March 2008, by the way.
I’m meeting some EU folks in a few weeks where they’ll be asking about ComReg and the DPC. Once again I’ll be happy to point out what a useless shower they both are.