Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie

GDPR

Options
  • 13-10-2021 2:22pm
    #1
    Claw Hammer
    Registered Users Posts: 6,177 ✭✭✭


    It is illegal for a person to reply to a letter from a solicitor if the solicitor doesn't supply a written authorisation from their client to release the clients personal data?



Comments

  • Options
    #2
    Peregrinus
    Registered Users Posts: 26,240 ✭✭✭✭Peregrinus


    I'm assuming the solicitor's letter asks you to disclose personal data about the client, and that the reply you refer to would disclose that personal data. I'm assuming you're a data controller in respect of the data.

    No, unless there are some unusual facts that you haven't mentioned, it's not illegal for you to reply disclosing the personal data.

    The client has a right of access to the data. The client, through their solicitor, is seeking to exercise that right. You only have a problem if the solicitor is not, in fact, acting on behalf of the client. As solicitors are a regulated profession, unless you have some reason to think that the solicitor is lying about this - which is most unlikely - it's reasonable for you to assume that a solicitor who says that he is acting for the client, and on the client's instructions, is indeed acting for the client and on the client's instructions.



  • Options
    #3
    Claw Hammer
    Registered Users Posts: 6,177 ✭✭✭Claw Hammer


    I can't find any reference to that in the GDPR though.



  • Options
    #4
    Mrs OBumble
    Registered Users Posts: 25,799 ✭✭✭✭Mrs OBumble


    If a request like that turned up without a written authorisation from the client, then you'd have to question the competence of the solicitor.



  • Options
    #5
    Claw Hammer
    Registered Users Posts: 6,177 ✭✭✭Claw Hammer


    https://www.boards.ie/discussion/comment/118018911#Comment_118018911

    Are you saying that every solicitor who sends a letter on behalf of a client should include a written authorisation to release data?



  • Options
    #6
    Peregrinus
    Registered Users Posts: 26,240 ✭✭✭✭Peregrinus


    https://www.boards.ie/discussion/comment/118018429#Comment_118018429

    Nor do you find anything in the GDPR saying that a data subject exercising his right of access through a solicitor must cause the solicitor to present a written authorisation signed by the data subject to the data controller.

    Why would you expect things like this to be thrashed out in the GDPR? The GDPR confers the right of access; it doesn't go into detail on the minutiae of the ways in which it can be exercised. The usual principles and rules that deal with solicitors acting as agents of their clients generally apply in relation to this too; why wouldn't they?



  • Advertisement
Advertisement