The Information Commissioner's Office has decided not to take any further action against leadership training charity Common Purpose despite upholding its initial assessment that the charity had probably breached data protection principles.
The ICO ruled in October that the charity was unlikely to have complied with the provisions in the Data Protection Act 1998 on processing personal data when it compiled a list containing the personal details of people who had made requests under the Freedom of Information Act relating to its dealings with public authorities.
The list was sent to public authorities receiving new Freedom of Information Act requests to demonstrate the view of Common Purpose that the requests were vexatious.
A statement from the charity said it had been referenced in more than 90 requests under the act, many of which were in template form. It said the organisation believed the volume and format of the requests "may be abusing the legislation and damaging the reputation of Common Purpose" because some of the information obtained was published online "as alleged proof of the charity's corrupt activity".
The ICO's verdict has not been altered in the light of the charity's response to its original verdict. But the privacy watchdog said it did not intend to take any further action after the charity confirmed that it no longer distributed the list and was willing to make sure it did not breach data protection principles in future.
Julia Middleton, chief executive of Common Purpose, said: "As an organisation we made a genuine mistake in this instance and did so following sound advice from the ICO.
"But it was in a very rapidly changing legal context. We have since recognised our practices needed to be amended and have amended them accordingly."