Most journalists have heard about the Freedom of Information Act, a useful tool in gaining access to information held by government agencies. The Press Gazettes FOI campaign and the BBC’s Open Secrets Blog are as good places as any to start learning about how journalists and media organisations are using this tool.
But many journalists don’t realise that they have another powerful tool at their disposal – the Data Protection Act 1998.
I first discovered the usefulness of the Data Protection Act a few years ago when I used it to claim back thousands of pounds from an academic institution that, whilst very good at chasing me for tuition fees, hadn’t provided the amount or level of tution I would have hoped to have received.
I argued the case that I’d been mistreated (well, more like not treated at all!) to no avail so I decided to use the UK’s Data Protection Act to force the institution to reveal what, if any, records they held on me. The records revealed a catologue of issues and helped me make a much stronger, and ultimately successful, case for a full refund of tuition fees paid.
Towards the end of last year, I tried to use the Data Protection Act again, this time to get some records from Google after I was kicked out of their AdSense programme without explanation. Two letters later and I’ve still not heard back from them although some readers of this blog who have taken the same steps as I did had almost immediate results. Eventually get around to chasing that up again but, as no money is at stake, it’s kind of fallen on the backburner for now.
This weekend, I decided to take a few minutes to go on another Data Protection Act adventure, this time in an attempt to reclaim bank and credit card charges. Anyone who has ever accidently gone over their overdraft limit, forgot to post a cheque to a credit card company in time, or had a cheque returned uncashed will know that banks charge as much as £75 each time this happens. Now I usually try to be good about keeping payments and such up to date but, over the past years, am sure I’ve paid a few hundred pounds in such fees.
So, inspired by letters in the pages of the Guardian’s excellent Saturday Money supplement and the website of “Money Saving Expert” Martin Lewis, this weekend I sent Data Protection Subject Access requests to my bank and two credit card providers. I’ve asked for a full list of charges made against me, instead of statements per se (which aren’t covered by the DPA), and enclosed a £10 cheque with each to cover the statutory maximum that the bank can charge to supply the information requested.
Once I get the information I’ve requested, I’ll then write to each of the banks, explaining that the charges were disproprotionate to the cost actually incurred in sending them and, as such, they are penalty fees that would not hold up under UK contract law.
I’ll let you know how I get on…