Access to the telephone directory on CD-ROM and the Internet was altered following complaints to the Data Protection Commissioner.
Some people complained about the directory being available in electronic format, while others complained that this was combined with search engines which undermined their privacy.
The commissioner concluded that if a person had no objection to their details being included in a manual telephone directory, he/ she could have no reasonable objections to them being available in electronic format.
However, he came to a different conclusion with regard to the new capabilities for obtaining subscriber information. For example, if a street name was entered, the directory would show a list of all the subscribers, with their house numbers and telephone numbers.
This would enable a burglar, for example, systematically to phone all the numbers in order to establish which houses were occupied at a particular time.
The commissioner concluded that subscribers had not consented to their personal information being made available in this way, and asked the company to stop publishing the telephone directory on the Internet and on CD-ROM pending discussions.
Following discussions, such backward searching from the address is no longer possible.
Another complaint showed that a financial institution had failed to maintain accurate records of payments, and this resulted in the refusal of a loan.
Following the refusal of the loan by two financial institutions, the complainants sought their credit records under the Data Protection Act. This showed that they had taken out three loans recently, two of which had been paid off, but showing the third not to have been repaid.
In fact it had been, but the records of the institution were inaccurate. The institution rectified this, but stated the omission would have had no material effect, as the same institution had granted two subsequent loans to the complainants, and other financial institutions would have understood this to mean their credit rating was good.
The commissioner rejected this and upheld the complaint, pointing out the obligation to ensure that credit ratings were up to date and accurate, and that, under the Act, individuals may take civil action against a data controller where he or she suffered as a result of its failure to keep up-to-date records.