Go to content

ICO’s Response - The Record Speaks

This publication is grounded in fundamental rights:  
- Art. 6, 8, 10 ECHR (defence, private life & reputation, public‑interest documentation)  
- Art. 2, 21, 24 Italian Constitution** (fundamental rights, freedom of expression, right to defence)  
- Art. 89 GDPR (archiving in the public interest)
This platform operates as a website integrated with a Progressive Web App (PWA).
A small “Install” button should appear in the bottom‑right corner of your screen,
although its visibility may vary depending on your system configuration and browser settings.

THE RECORD SPEAKS

“Protection Mode enabled — Security Level 4/5.
System running with intermediate safeguards and enhanced telemetry collection.”

“Protection Mode enabled — Security Level 4/5.
System running with intermediate safeguards and enhanced telemetry collection.”

“Protection Mode enabled — Security Level 4/5.
System running with intermediate safeguards and enhanced telemetry collection.”

“Protection Mode enabled — Security Level 4/5.
System running with intermediate safeguards and enhanced telemetry collection.”

“Protection Mode enabled — Security Level 4/5.
System running with intermediate safeguards and enhanced telemetry collection.”

“Protection Mode enabled — Security Level 4/5.
System running with intermediate safeguards and enhanced telemetry collection.”


Skip menu
Notice: The Progressive Web App (PWA) - STATUS: OK / WEBSITE - STATUS: OK
therecordspeaks.it
Skip menu

ICO’s Response

The Case File > legal-correspondence
📎 Transparency Note – Provenance, Integrity and Archival Status of the PDFs
This page reproduces, for purposes of defence, research, and procedural transparency, two official PDF documents obtained through lawful disclosure and preserved under the archival standards applied throughout this dossier. Both files originate from institutional sources and are included to ensure that the factual record remains accessible, verifiable, and available for contestation‑proof analysis. Their presence enables a coherent reconstruction of events and supports the exercise of the right of defence.

📄 Permitted Use and Restrictions
The PDFs published on this page are authorised exclusively for study, research, evidentiary reconstruction, and public‑interest scrutiny. Any use outside these permitted purposes — including legal use against this website or its owner — is strictly prohibited. The documents are provided solely to support transparency, procedural review, and the safeguarding of fundamental rights.

2. Summary of the ICO’s Position
The ICO stated that:
  • ESCC “has not infringed its data‑protection obligations” because the related CCRC case remains open
  • the Press Office publication is “based on public‑domain records” and its online retention is legitimate
  • the ICO’s jurisdiction is limited to UK law, and the Italian authority “may be different,” but “we cannot comment on that”
  • the complainant “could send through erasure requests once the CCRC outcome is known”

3. Legal and Procedural Assessment
3.1 Jurisdictional Error – Article 3(2) EU GDPR and Article FINPROV.10A TCA
The ICO acknowledged the complainant’s residence in Italy but failed to apply Article 3(2) GDPR, which extends EU jurisdiction to UK‑based controllers making personal data accessible within the EU.
This omission is incompatible with Article FINPROV.10A of the UK–EU Trade and Cooperation Agreement (TCA), which preserves EU‑equivalent protection for personal data transmitted to the UK:
“Transmission of personal data from the Union to the United Kingdom shall not be considered as transfer to a third country under Union law, provided that the United Kingdom does not apply […] a level of protection lower than that provided for by Union law.”
By disregarding the EU accessibility of the ESCC publication and the complainant’s EU residence, the ICO failed to apply the extraterritorial safeguards preserved under the TCA.
3.2 Misapplication of Article 17 GDPR – Right to Erasure
The ICO linked erasure to the outcome of the CCRC case.
This is legally incorrect.
  • Article 17 GDPR requires erasure when data is no longer necessary for its original purpose
  • The ESCC publication is administrative, not judicial
  • It cannot rely on the “legal obligation” exemption
3.3 Breach of Article 5(1)(d) GDPR – Data Accuracy
The ESCC article titled “Faked letter lands Blue Badge applicant in court” is outdated and omits reference to ongoing proceedings.
Maintaining it online without correction violates the obligation to keep personal data accurate and up to date.
The ICO’s acceptance of ESCC’s position endorses a continuing breach of data‑protection principles.
3.4 Procedural Deficiency – Lack of Impartial Inquiry
The ICO claims to have “spoken with ESCC on 27 January 2025,” the same day the decision was issued.
No record of inquiry into cross‑border impact or Italian jurisdiction was provided.
This suggests validation of the controller’s position without independent assessment, contrary to Sections 165–167 DPA 2018.
3.5 Denial of Effective Remedy – Articles 77–79 GDPR
The ICO advised the complainant to “seek legal advice” instead of ensuring redress.
Articles 77–79 GDPR guarantee the right to an effective, non‑judicial remedy before a supervisory authority.
Closing the complaint while acknowledging unresolved harm does not constitute an effective remedy.

4. Broader Implications
The ICO’s decision reflects a systemic issue in post‑Brexit data governance:
  • a narrow domestic interpretation of data‑protection duties
  • reluctance to engage with cross‑border accessibility and reputational harm
  • erosion of UK–EU regulatory cooperation
By declining to act on the EU accessibility of the ESCC article, the ICO effectively licensed reputational harm against an EU‑resident citizen, undermining the foundational purpose of data‑protection law: to safeguard individuals, not jurisdictions.

📑 Conclusion
The ICO’s handling of case IC‑336182‑R3X5 reveals:
  • failure to apply extraterritorial provisions of the GDPR and the TCA
  • misinterpretation of the Right to Erasure
  • disregard for data accuracy and procedural fairness
  • denial of effective remedy under EU and UK law
For these reasons, the ICO’s conclusion cannot be regarded as lawful or adequate under the spirit or letter of the GDPR.
This site will continue to document the case in full transparency, ensuring that the record remains clear, accurate, and compliant.

Methodological Seal
The assessment presented on this page is derived exclusively from the ICO’s own correspondence, statutory provisions, and the publicly accessible ESCC publication.
Each observation is grounded in verifiable text, cross‑border legal obligations, and established principles of supervisory accountability.
The documented inconsistencies, jurisdictional omissions, and procedural deficiencies form a coherent and traceable pattern across the evidentiary record.
The analysis adheres to standards of transparency, accuracy, and proportionality, ensuring that the reconstruction remains contestation‑proof and fully anchored in the materials disclosed.

Procedural Closure – Status Recorded   

This notification was formally issued to all relevant entities, who were offered the opportunity to provide clarifications or counter‑documentation. As of the present date 21 February 2026, no objections, corrections, or alternative factual reconstructions have been submitted. The notification phase is therefore considered procedurally closed. A right of reply remains available, but any late submissions will not alter the factual framework established during the notification period.

The Record Speaks
Public Disclaimer Published documents disclaimer

Italiano (vincolante)  
Tutti i disclaimer sono raccolti sotto la voce del menu principale “Disclaimer”, in versione bilingue (Italiano vincolante / Inglese di cortesia).
English (courtesy translation)  
All disclaimers are collected under the main menu item “Disclaimer”, in bilingual version (Italian binding / English courtesy).


Italiano (vincolante)  
Per segnalarci una legge citata errata, fare richieste di Rettifica, Replica o Accesso alla documentazione, utilizzate il link dedicato oppure andate alla pagina Contact Us sotto il menu About Us.
English (courtesy translation)  
To report an incorrect legal citation, or to request Rectification, Reply, or Access to documentation, please use the dedicated link or go to the Contact Us page under the About Us menu.



This website uses an internal analytics system which collects data in an aggregated and anonymous form for statistical purposes only, and does not carry out any user profiling.
Back to content
Application icon
The Record Speaks Install this application on your home screen for a better experience
Tap Installation button on iOS then "Add to your screen"

Informativa introduttiva

Questo sito è un archivio giuridico conforme agli Art. 6, 8 e 10 della CEDU, agli Art. 2, 21 e 24 della Costituzione Italiana e all’Art. 89 del GDPR.
(This website is a legal archive compliant with Arts. 6, 8 and 10 of the ECHR, Arts. 2, 21 and 24 of the Italian Constitution, and Art. 89 of the GDPR.)

Consulta le informative complete:
Informativa sui Cookie estesa
Copyright & Legal Notice
Indexing & Transparency
Durata di pubblicazione
Menzione dei soggetti in veste pubblica
Circa l’archivio
Giurisdizione

Continuando la navigazione equivale ad accettazione delle informative proposte.
(By continuing to browse, you agree to the proposed notices.)