Key Facts
- •Olumide Smith (Applicant) applied to the First-tier Tribunal (General Regulatory Chamber) under section 166 of the Data Protection Act 1998 (DPA 1998) against the Information Commissioner (Respondent).
- •The application challenged the Information Commissioner's handling of Mr. Smith's complaint, including allegations of errors of fact and law, discrimination, and procedural failures.
- •The application also included complaints against Cisco Systems Internetworking (Ireland) Limited and Euromoney for alleged data protection breaches and other misconduct.
- •The Information Commissioner applied to strike out the application under rule 8(3)(c) of the Tribunal Procedure Rules 2009, arguing it lacked reasonable prospects of success.
Legal Principles
Section 166 DPA 1998 does not allow challenges to the substantive outcome of a complaint; relief is limited to procedural failures.
Data Protection Act 1998, Section 166
The Tribunal has no power to review the merits of a complaint to the Information Commissioner.
Killock & Veale & ors v Information Commissioner [2021]UKUT 299 (AAC) and R (on the application of Delo) v Information Commissioner and Wise Payments Ltd [2022] EWHC 3046 (Admin)
Claims of data protection breaches by data controllers should be pursued via separate civil proceedings under section 167 of the DPA 1998.
Data Protection Act 1998, Section 167
Outcomes
The application was struck out under rule 8(3)(c).
The Tribunal lacked jurisdiction to address the merits of the complaint or the actions of the data controller. The Applicant's complaints related to the Commissioner's conclusions, not procedural failures. There were no reasonable prospects of success.