‘The Information Commissioner’s Code of Practice on Data Protection steadfastly maintains that data controllers cannot refuse to respond to a subject access request unless one of the specific exceptions in the Data Protection Act 1998 (“DPA”) applies. However, there is a growing body of case law on the circumstances in which the courts will refuse to enforce compliance with subject access requests under s 7(9) of the Act, even where one of the specific exceptions under the Act does not apply.’
Panopticon, 12th August 2015
Source: www.panopticonblog.com
