§ Mr. CohenTo ask the Secretary of State for the Home Department to what investigations his Department has been subject by the Data Protection Registrar in relation to a suspected breach of a data protection principle; if he will summarise the nature of each complaint and state when the complaint was made; and what remedial action was taken by his Department to ensure future compliance with the principle subject to the investigation.
§ Mr. Peter Lloyd[holding answer 21 May 1993]: The Data Protection Registrar has recorded 10 complaints against the Home Office. The registrar does not have detailed records of these complaints available, but gives the following information:
Complaint type Number received Date received Principle 4 1 27 January 1993 Principle 5 1 16 December 1991 Principle 7 6 12 November 1987 25 February 1988 12 June 1989 28 September 1989 5 November 1991 15 March 1993 Section 5(1) 1 10 February 1990 Unauthorised disclosure 1 26 March 1992 The Home Office has central records of only four complaints:
1. Passport Agency: Principle 4
(Received in the Home Office 19 February 1993)
A complainant was asked for his marital status when renewing his passport, and held that this was excessive information for the purpose for which it was required. The registrar accepted that the Data Protection Act did not apply as the information was not held on a computer.
2. Prison Service: Principle 7
(Received in the Home Office 16 October 1989)
The complainant was an inmate of Lincoln Prison, and alleged that he had not been given access to a computer record containing personal data relating to him. The complainant was informed of the proper procedures for requesting access to his computer record, and the registrar concluded his investigation.
3. TV Licences: Principle 5
(Received in the Home Office 10 March 1988)
A complainant said that the initial of his first name shown on his TV licence was incorrect. The complainant's TV licence was amended to show his correct name, and the registrar concluded his investigation.
4. Prison Service: Principle 7
(Received in the Home Office 7 March 1988)
The complainant was an inmate of Durham prison, and alleged that a request for subject access to a computer record held on him at the prison had not been complied with. The complainant subsequently withdrew his claim to have made a subject access request, and the registrar closed his file.
727WSince 1987, every Home Office department has held detailed instructions on compliance with the requirements and principles of the Data Protection Act in general, and on subject access procedures specifically. None of the complaints made to date suggests that those procedures need any amendment. The procedures are, however, kept under review and will be updated as and when necessary.