Data Protection and constituents queries

I have asked my office to be fully compliant with the General Data Protection Regulation.

We will pass information on to public bodies or other counterparties involved in a complaint or query when a constituent writes in. We will regard the submission of the complaint or query as consent to this.  We will keep a record of that query and response usually  for the life of the Parliament in case of follow up issues, and will update constituents as appropriate on that topic.

Where the data sent is particularly sensitive, as with details on medical conditions and treatment, we will usually request express permission to share this with the other  bodies involved.

We have always sought to handle people’s data well and to respect confidentiality. We have to trust government, local government and their  Agencies to do the same when we pass on information to seek to resolve an issue.

We have also often have to point out that I cannot act on a case affecting someone’s adult relative without the express permission of the person affected. I understand why people often want to intervene for their adult children or for their parents, but unless they have power of attorney I do need to ask for consent from the person at the centre of the complaint or query. If a power of attorney is involved then my office need to see the written record of it. Where the relative is living in another constituency it will usually be necessary to refer them to the MP for that constituency, whilst I am happy to take up all such issues affecting people living in my constituency, even if they have been initiated by a relative living elsewhere. I will always need the consent of my constituent.


  1. alan jutson
    May 22, 2018

    Speaking from personal experience, Power of Attorney so important nowadays if you want officialdom to take real notice of you or your trusted families/relatives wishes.

    Easy to set up, but as usual Solicitors charge a small fortune per hour just to complete official paperwork.

    1. Lifelogic
      May 22, 2018

      Indeed and regulations have made it more complicated and they now have to be formally registered as LPAs rather then EPAs. Government love to move the goal posts, up the costs, confuse and change the names as often as possible. Lots more work for essentially parasitic lawyers that way.

      1. Lifelogic
        May 22, 2018

        An £82 tax it seems. Even if you avoid using the lawyers.

  2. Adam
    May 22, 2018

    In earlier, gentler times, members of families or friendly neighbours could often assist others locally, in good faith, without fulfilling rigorous identity & authorisation criteria. The extreme situation now is that even partners in marriage are regarded as risky, & planning sinister intent.

    1. rose
      May 23, 2018

      This is very like the rent controls etc of the seventies: if you regulate the decent people out of doing something, the other sort will take over.

  3. Iain Gill
    May 22, 2018

    Last time I complained to my MP (and via him the relevant minister) a county council blatantly lied in all their responses. I did gently explain this to the MP and minister, but I dont think they got the magnitude of the lying going on. In the end the issue was resolved by other means, but the sour taste of this left in my mouth will last a long time.

    I think this particular county council department is well versed in misreporting their performance, and the reality of what is going on, as if they were to admit the truth the minister would have no alternative but to take radical action against them. (I may as well mention it was an education authority, letting the public down in significant ways)

    Given that this is just little old me, I wonder how many others are let down in this way in extreme.

    I only mention this John as I dont think the usual MP/minister tag game of letters really achieves much in these extreme cases of public sector poor performance.

    The previous data protection legislation was toothless anyways, this will be no different. The sheer volume of institutions having data processed in India (and therefore outside the EU and against the data protection rules) without consent from the subject is massive. The regulator has taken no real serious actions, its always a tame letter and nothing more.

    Anyways good luck.

  4. agricola
    May 22, 2018

    The problem is not with such as yourself, trying to help your constituents, as you do not sell data as a business. About three years ago I ran into the dumb end of data protection. I contacted a military services help organisation on behalf of an ex fighter pilot mate who had almost become bedridden and might have appreciated contact with ex service colleagues who could alleviate his problems. They told me that unless he asked directly they were not, under current legislation, permitted to contact him on my tip off. It left me asking what was the point of their supposed benevolence. If the law blocks humanitarian aid what is the point of the law. If my friend did not welcome help he could have always said no.

    Social media companies are there for the express purpose of making a profit from data. Not signing up to the rules of these organisations usually means that you are not permitted to use them. Having said this I can sympathise with the Googles of this World because they need to make money to offer the service they do. Possibly we need a strict opt in / opt out from data collection or perhaps data collection that is not subsequently linked to the customer. Individuals would then cease to be bombarded on the internet with intrusive advertising based on things you may have clicked on in the past. There needs to be a way to detach the data from the individual.

    It would seem that the law is preventing real help for the individual, while holding the door open to uninvited corporate intrusion. You as a parliament of lawyers need to get it back in balance.

  5. libertarian
    May 23, 2018

    Following my earlier post where I mentioned that the vast majority of so called GDPR consent to stay emails are at best unnecessary , some may be illegal and all of them are damaging the sender, here’s a legal firms take on the same subject

Comments are closed.