Data Protection and data mining

[Peter Tomlinson]

A double BT horror story passed on yesterday by the victim. I will give you
the meat only.

He has an ADSL account, but they asked him to let them register both his
phone numbers, so they could swap him from one line to the other if there
were problems. They now bill him for two ADSL lines, and he cannot shake
this off - so they cut him off, apologised, re-connected him, and have just
sent him two bills again, so he expects to be cut off again.

In the middle of this, his ADSL service really went down. He phoned in the
fault, and was asked a security question "Where were you born?". He had not
registered any such codeword, so he could not get BT's call centre to log
his fault (because of Data Protection, of course they could not tell him his
codeword). After progressing this up the BT laddder, he got a phone call
telling him anonymously and off the record what his codeword is (and its not
the place where he was born, and he had not given it to them). So he phoned
in again, changed his codeword, and they fixed his fault. Then it went down
again, so he phoned in, they discovered that the fault report had not been
closed, so they had to record his progress (lack of it) against the original
fault report and the original CODEWORD, because his new one had not got
itself attached to the old fault report... So the fault reports carry their
own snapshot of the environment with them...

Peter

----- Original Message -----
From: "Peter Fairbrother" <peter.fairbrother@ntlworld.com>
To: <ukcrypto@chiark.greenend.org.uk>
Sent: Tuesday, March 12, 2002 6:36 AM
Subject: Data Protection and data mining


> The other side of the DPA...
>
> I recently 'phoned British Gas, after they sent me a threatening letter
(I'm
> not a customer, I assume it was a mistake). They asked me for my name and
> address, then asked me to "confirm" my telephone number. I asked why and
was
> told "it's for Data Protection".
>