R0b, OK, I understand that. Issue is I am having difficulty putting it in a clear and precise manner that would be... let's say... compliant?

perhaps some assistance there would help and be appreciated greatly.

2222, OK, I understand and will not include it. What I was trying to say is that it proves that they knew about their obligations, despite the fact that they should have known anyway.

I am asking for help to put together my LBA in a clear manner.

Is this possible?

I don't think it is possible, as we don't have the missing facts to insert.

All I'm suggesting is that in your background you've said that they disclosed personal data without your consent. But you failed to mention what personal data exactly is it they disclosed and processed.

I'm really not sure how much clearer that can be? If your really struggling with explaining that then you should consider not issuing the letter before action because a judge will ask you the same question. Or you can just issue the letter but again you are going to need explain it in your particulars of claim or run the risk of having it struck out.

They disclosed data relating to personal circumstances and previous alleged incidents from when I was a member and lied about them, twisting what actually happened. I have documentary evidence to support this, namely the emails that they disclosed between them which I eventually got hold of after involving the ICO.

The data speciffically relates to past alleged incidents as follows, which I have explained previously in this thread. I will explain again:

They disclosed data related to complaints that were maliciously filed against me by a particular member, and those complaints resulted in me being expelled from the society, although not banned, although there is some uncertainty regarding that at this time,

They also disclosed details of a complaint regarding an investigation to an incident on 31st January 2018 relating to the then club secretary calling me a "f**king retard".

They also fabricated a lot of what was said, and I can prove it.

What more is needed to be clearer than how I have written it before in my LBA?

Thanks again.

Perhaps you should make a list of all the emails by date and time. Then against each one you could say what, if anything, is objectionable in that particular email.

When you have done that, you'll probably have a very long list of comments. Do try to edit that down to just the ones that really matter most to the court. If you can't prove a particular lie it might be better to take it out of the list.

Try to keep it purely factual, based on the particular documents you are alluding to. You say a member filed malicious complaints, but do you have proof of his state of mind? Has he admitted the complaints were malicious, and are you attaching that to the LBA? If not, isn't this just going to be a red herring?

2222, should that be like this:

(bulletpoint) In the disclosed emails from the ICO between XXX and XXX, an email dated X/X/XX was sent to XXX from XXX saying "blah blah blah".
This email contains factual inaccuracies, particularly... blah blah blah...

Is that one way I could place it on my LBA, but under which heading, "Factual background" or "The data breach"?

Please let me know.

Thansk again.

Bloody hell you are overthinking the LBA far too much. Like I said, it doesn't need to be pitch perfect so long as you give enough details of the claim for them to understand and know the case they have to meet.

You've clearly stated your factual background in this thread but you've not put that clarity in your LBA. I'm sorry if I am sounding harsh but it really isn't that difficult to do. It's not good having stated the facts and background to the DPA on this thread when it needs to go into your LBA. The LBA draft is lacking in the detail you mentioned at post #49 and that's what needs to be included.

It's very very simple.

R0b, it may be simple for you, but to me, it is not, because I have never had to make a claim under the DPA 1998 before.

I am not "overthinking" here, I am trying to get it right. That is all.

I understand it may not be simple, but pretty much all LBAs tend to follow the same format in one way or another. The background information needs to be sufficient to explain how the breach occurred, and the above quote taken from my previous post explains what you need to do. Your action is for breach of data protection so the main subject matter will be, what is the data in question that the controller is alleged to have been in breach of?

All you need to do is add a couple of lines to your LBA under the factual background heading and explain the personal data that was disclosed without your consent.

If you can't explain the personal data that was disclosed, how can you bring a claim?

R0b, would this need to include quotes from emails from example?

I have emails that prove beyond doubt that they breached my DPA rights, as the ICO have confirmed after all.

Not really, that can be given in your witness statement further down the line.

The LBA is not intended to be an extremely detailed document rather it is meant to be a concise. You've listed the evidence you are going to rely on and if you provide them copies, there's no need to give any quotations from it because they will be able to see what has been said.

I would suggest you go back to my comments and suggestions at post #40 and read through them again, as well as any other suggestions made by others. You then need to decide whether you agree or disagree and tailor your letter accordingly.

Once your happy with your draft, either post it up here and then we can comment or send it off and see what happens.

Well you should list all data breaches but if you think there is several pages worth of data breaches the you need to condencd them. Based on what youvr mentioned in this thread there doesnt seem to be that many data breaches.

Is there another way of looking at this? Thomas only needs to list those breaches he intends to sue for. If there are several important breaches list those and ignore the petty stuff?

Sorry, I should've defined important breaches as ones that caused particularly great distress.

Incidentally, wasn't there some sort of pressing time limit on this? That was mentioned weeks ago?