ICO issues formal apology to ex-NatWest chief Dame Alison Rose over claim she broke data privacy law on Farage
The Information Commissioner’s Office has formally apologised to former NatWest chief Dame Alison Rose over a claim she broke data protection laws.
The Information Commissioner’s Office has issued a formal apology to former NatWest boss Dame Alison Rose over a claim she breached data protection laws over Nigel Farage’s banking relationship. The UK data watchdog had last month suggested Rose had broken rules by confirming Farage had accounts with the private bank Coutts, and misleading a journalist over why it planned to close them. It also went on to say that it did not plan to take any action, given she had already resigned from her position.
Two days after the findings, however, it said it would urgently relook at them following complaints from Rose. In the second review, released on Monday (November 6), the ICO had suggested it had mishandled the case and the way the main findings were announced.
It said it was “incorrect” to imply she violated data protection laws when she spoke with a BBC journalist in respect of the former Ukip leader, as the ICO’s investigation was solely into NatWest’s actions as a data controller.
The statement read: “The ICO recently investigated a complaint from Nigel Farage. The ICO's investigation was solely into NatWest's actions as a data controller. Our comments gave the impression that we had investigated the actions of Alison Rose, the former CEO of NatWest Group. This was incorrect. We confirm that we did not investigate Ms Rose's actions, given that NatWest was the data controller under investigation.
“We accept that it would have been appropriate in the specific circumstances for us to have given Ms Rose an opportunity to comment on any findings in relation to her role and regret not doing so. Finally, we apologise to Ms Rose for suggesting that we had made a finding that she breached the UK GDPR in respect of Mr Farage when we had not investigated her. Our investigation did not find that Ms Rose breached data protection law and we regret that our statement gave the impression that she did.”