Why should anyone have to pay or got such lenghts? If people want the regulators to look into this service they must complaint to the ICO, PhonePayPlus and OFCOM. If enough people complain then the regulators will have to act.

scouemonk, did you contact 3's data protection officer? Customer services are not geared to handling debt complaints of data protection related matters. Email dpa.officer@three.co.uk

KCOM are just acting as a contractor (or data processor under the Data Protection Act) providing operator services on behalf of Connectivity. As for Connectivity's statement that the 118800 service "had been approved by the Information Commissioner's Office (ICO)" ..... there's a bit of poetic licence going on there. The ICO never 'approve' any service, that is not their role. They may make an opinion as to whether a service is likely to comply with data privacy law .. but any such opinions are based on the information supplied to them in the first instance. People can find out exactly what has been said or agreed by submitting an online request for information under the Freedom of Information Act ..... see here https://forms.ico.gov.uk/enquiry.aspx You can complain about the 118800 service here Complaints about data protection policy - ICO

KCOM are just acting as a contractor (or data processor under the Data Protection Act) providing operator services on behalf of Connectivity. As for Connectivity's statement that the 118800 service "had been approved by the Information Commissioner's Office (ICO)" ..... there's a bit of poetic licence going on there. The ICO never 'approve' any service, that is not their role. They may make an opinion as to whether a service is likely to comply with data privacy law .. but any such opinions are based on the information supplied to them in the first instance. People can find out exactly what has been said or agreed by submitting an online request for information under the Freedom of Information Act ..... see here https://forms.ico.gov.uk/enquiry.aspx You can complain about the 118800 service here Complaints about data protection policy - ICO

The 118800 mobile directory enquiry service does raise a number of privacy and regulatory issues which people should take up with the Information Commissioners Office and OFCOM. Ok, the mobile directory enquiry service does NOT give out mobile numbers .. rather it contacts the 'requested party' and lets them know the 'requesting party' is looking for them. The company either sends a text to the requested party or or connects a call via call completion. But don’t worry says the company .. it respects your 'privacy' because it never gives out your number. The company has provided a facility so people can opt-out and become ex-directory. So what's wrong? Well, firstly, this directory enquiry (call completion) service sits outside of the regulatory framework for directories and directory enquiry services in the UK and which falls under the remit of OFCOM. Under that Framework, OFCOM has established a national directory database managed by BT and which is called OSIS. This is the OFFICIAL database and which also contains ex-directory numbers. ALL 118 providers that offer telephone numbers are entitled to access this database/receive this information under the law/the regulatory framework. Mobile operators are obliged to pass subscriber information to OSIS BUT do so only where a customer has specifically requested that they want an entry in a directory or directory enquiry service - in other words where a customer has expressly opted-in. Both OFCOM and the EU (who were taking legal action against the UK government for failing to give mobile customers the right to an entry in directories) have agreed that entries in directories and directory enquiry services should be based on opt-in consent. It is a fact that the 118800 service does not fall under any definitions of a directory enquiry service/facility of the above regulatory framework and so the company is NOT entitled to access OSIS data or receive data from OSIS or the mobile operators (despite what it says in the press!). The 118800 service is a purely private system. Ask yourself why someone should need to become ex-directory in this service if they are already ex-directory in the national OSIS database? What is to stop another private company from establishing a directory or directory service which is essentialy unregulated? How many databases do you need opt-out of and become XD .. if you need to be XD then you should only need to do it once. So what else is wrong. Well, firstly lets look at the 15 million names, addresses and numbers obtained from third parties (and which could the retailer you bought your phone from or some online retailer who you have supplied your details to). 2 pieces of law apply here. (1) The Data Protection Act 1998 - the DPA. Under the Data Protection Act those collecting your data need to make you aware in a transparent and clear manner of the intention to place your details in a directory service and the purposes of that directory, of any disclosures of your data and to allow you to make an informed decision as to whether you wish to be in the directory or not .. in other words they needed your consent (given that neither 118800 or the company that collected your data has any legal obligation to process your data for purposes of directory enquiries!). (2) Regulation 18 of the Privacy and Electronic Communications (EC Directive) Regulations 2003 applies - the PECRs. Reg 18 states: The personal data of an individual subscriber shall not be included in a directory unless that subscriber has, free of charge, been - (a) informed by the collector of the personal data of the purposes of the directory in which his personal data are to be included, and (b) given the opportunity to determine whether such of his personal data as are considered relevant by the producer of the directory should be included in the directory. “ This seems quite clear that the party collecting your data should have told you about the 118800 service and given you the clear opportunity to agree - either by an opt-in box or by an opt-out box (depending on whether they published a clear and prominent notice at the time they collected your data). It seems to me that opt-in consent is required for the purposes of this directory. So what else. Well, the company says you can obtain a copy of information they hold on you pursuant to your rights under Section 7(1) of the Data Protection Act. 118800 charge the maximum fee permitted under the Data Protection Act for meeting these access requests. BUT why are they charging people when Reg 18(5) of the PECRs requires directory operators to provide subscribers with the means (free of charge) to verify, correct or withdraw their data at any time - I can find no mention of these rights on the 118800 website or how you can exercise them. What else? Oh yes. back to the regulatory framework. ALL 118 services are regulated by PhonePayPlus which is an agency of OFCOM the government telecoms and media regulator. PhonePayPlus regulates services by a Code of Practice - the Code. the 118800 service is incompatible with the Code which (a) defines telephone directories as ones that supply phone numbers (b) requires companies providing call completion services to disclose telephone numbers to persons who demand a number and © requires that services must not or must not be likely to result in any unreasonable invasion of privacy. As opt-in consent has not been sought from any person in the 118800 directory, it is possible that individuals listed in the directory without their knowledge or agreement will consider contact via the call completion service to amount to an unreasonable invasion of their privacy (especially those who considered they are already ex-directory under the official national OSIS database). So where do people go from here? If you are concerned you can ask 118800 to verify what data they have on you free of charge email 118800 (the email address is in the privacy policy at http://www.118800.co.uk), BUT you could and should raise your concerns or complain directly to the Information Commissioners Office (Information Commissioner's Office - ICO) .. you could do the same to OFCOM (http://www.ofcom.org.uk) and/or PhonePayPayPlus (http://www.phonepayplus.org.uk). Certainly anyone who called the 118800 service last Friday to find out a mobile subscriber (even themselves) and found that the service did not work, can complain to PhonePayPlus and also demand a refund of the £1 charge (minimum) for the calls. And don't forget this company demanded the mobile operators give them ALL of their subscriber information and threatened legal action if they didn't get it!

The 118800 service does raise a number of privacy and regulatory issues which people should take up with the Information Commissioners Office and OFCOM. Ok, the service does NOT give out mobile numbers .. rather it contacts the requested party and lets them know the 'requesting party' is looking for them and do they wish to speak with/contact them. It does this either by sending a text or connecting a call via call completion. But don’t worry says the company .. respects your privacy because it never gives out your number. The company has provided a facility so people can op-out and become ex-directory. So what's wrong with all this? Well, firstly, this directory enquiry (call completion) service sits outside of the regulatory framework for directories and directory enquiry services in the UK and which falls under the remit of OFCOM. Under that Framework, OFCOM has established a national directory database managed by BT and which is called OSIS. This is the OFFICIAL database and which also contains ex-directory numbers. ALL 118 providers that offer telephone numbers are entitled to access this database/receive this information under the law/the regulatory framework. Mobile operators are obliged to pass subscriber information to OSIS BUT do so only where a customer has specifically requested that they want an entry in a directory or directory enquiry service - in other words where a customer has expressly opted-in. Both OFCOM and the EU (who were taking legal action against the UK government for failing to give mobile customers the right to an entry in directories) have agreed that entries in directories and directory enquiry services should be based on opt-in consent. It is a fact that the 118800 service does not fall under any definitions of a directory enquiry service/facility of the above regulatory framework and so the company is NOT entitled to access OSIS data or receive data from OSIS or the mobile operators (despite what it says in the press!). The 118800 service is a purely private system. Ask yourself why someone should need to become ex-directory in this service if they are already ex-directory in the national OSIS database? What is st stop another private company from establishing a directory or directory service which is essentialy unregulated? How many databases do you need opt-out of and become XD .. if you need to be XD then you should only need to do it once. So what else is wrong. Well, firstly lets look at the 15 million names, addresses and numbers obtained from third parties (and which could the retailer you bought your phone from or some online retailer who you have supplied your details to). 2 pieces of law apply here. (1) Data Protection Act 1998 - the DPA. Under the DPA those collecting your data need to make you aware in a transparent and clear manner of the intention to place your details in a directory service and the purposes of that directory, of any disclosures of your data and to allow you to make an informed decision as to whether you wish to be in the directory or not .. in other words they needed your consent (given that netiher 118800 or the company that collected your data has any legal obligation to process your data!). (2) Regulation 18 of the Privacy and Electronic Communications (EC Directive) Regulations 2003 applies - the PECRs. Reg 18 states: The personal data of an individual subscriber shall not be included in a directory unless that subscriber has, free of charge, been - (a) informed by the collector of the personal data of the purposes of the directory in which his personal data are to be included, and (b) given the opportunity to determine whether such of his personal data as are considered relevant by the producer of the directory should be included in the directory. “ This seems quite clear that the party collecting your data should have told you about the 118800 service and given you the clear opportunity to agree - either by an opt-in box or by an opt-out box (depending on whether they published a clear and prominent notice at the time they collected your data). It seems to me that opt-in consent is required for the purposes of this directory. So what else. Well, the company says you can obtain a copy of information they hold on you pursuant to your rights under Section 7(1) of the DPA. 118800 charge the maximum fee permitted under the DPA for meeting these access requests. BUT why are they charging people when Reg 18(5) of the PECRs requires directory operators to provide subscribers with the means (free of charge) to verify, correct or withdraw their data at any time - I can find no mention of these rights on the 118800 website. What else? Oh yes. back to the regulatory framework. ALL 118 services are regulated by PhonePayPlus which is an agency of OFCOM the government telecoms and media regulator. PhonePayPlus regulates services by a Code of Practice - the Code. the 118800 service is incompatible with the Code which (a) defines telephone directories as ones that supply phone numbers (b) requires companies providing call completion services to disclose telephone numbers to persons who demand a number and © requires that services must not or must not be likely to result in any unreasonable invasion of privacy. As opt-in consent has not been sought from any person in the 118800 directory, it is possible that individuals listed in the directory without their knowledge or agreement will consider contact via the call completion service to amount to an unreasonable invasion of their privacy (especially those who considered they are already ex-directory under the official national OSIS database). So where do people go from here? If you are concerned you can ask 118800 to verify what data they have on you free of charge email 118800 (the email address is in the privacy polic BUT you could and should raise your concerns or complain directly to the Information Commissioners Office (ico.gov.uk) .. you could do the same to OFCOM (ofcom.org.uk) and/or PhonePayPayPlus (phonepayplus.org.uk). Certainly anyone who called the 118800 service last Friday to find out a mobile subscriber (even themselves) and found that the service did not work, can complain to PhonePayPlus and also demand a refund of the £1 charge (minimum) for the calls. And don't forget this company demanded the mobile operators give them ALL of their subscriber information and threatened legal action if they didn't get it!

I would urge to write to the Data Protection Officer at H3G, and ask her to investigate this matter, explain how the debt was passed to the DCA, explain the processing errors and customer service failures and confirm precisely what she has done to prevent such errors occurring again. I would also urge to to file a complaint online with the ICO and ask them to make an assessment as to whether the processing in question breached the DPA. You need a better response that the one received

I would urge you to contact 3's data protection officer ASAP and not deal with customer services (who are not trained to handle these types of complaints). alternatively email the executive.office@three.co.uk or the chief finance office david.dyson@three.co.uk and ask him to investigate (as he is ulitmately responsible for the credit and debt collection strategy and policy).

there's also this site towertelecom: - Home

If you want to send your letter via post send to Mr Persoff at: ST JAMES COURT GREAT PARK ROAD ALMONDSBURY PARK BRADLEY STOKE BRISTOL BS32 4QJ

I agree with Buzby .. don't rant and threaten at this stage .. Contact 3Uk's data protection officer by emailing or writing to them at: dpa.officer@three.co.uk or the Data Protection and Privacy Officer, Hutchison 3G UK Limited, Star House, 20 Grenfell Road, Maidenhead, Berks SL6 1EH You can call 3's switchboard on 01628 765000 and ask to be put through to the Data Protection Officer Explain the situation, disoute the debt and any sale of the debt to a 3rd party ... ask them investigate and suspend all collections actions ......

Hi fuzzyfuzzy .. I think Buzby and others are better placed than me to advise on moneyclaim matters .. there's some really excellent advice on this site. FYI - this ICO enforcement action against talktalk may help your case and I have referred to it below. http://www.ico.gov.uk/upload/documents/library/data_protection/notices/talk_talk_telecom_en.pdf Yes send you SAR now. As for Orange, Simon Persoff is the Director of the Legal and Regulatory department at Orange UK. You could write a separate letter to Mr Persoff (and attach your SAR) ..... and send it by email ... it's not hard to work out email addresses .. try ... simon.persoff@orange-ftgroup.com I would suggest your letter covers that you write to: (a) dispute a default recorded on your credit reference file by Orange and which is causing you harm and distress. You ask that he arranges an immediate review of your case and removal of the default. (b) report the failure of Orange to accurately and fairly process your personal data pursuant to the DPA and which as above is causing harm and distress © report the failure of Orange to comply with its legal obligations under General Conditions 12 of the Communications Act 2003. Orange incorrectly recorded another customers name and address on its billing system for your account, resulting in Orange failing to send bills to you and so preventing you from properly managing your account/finances etc. Not only is this a breach of Principle 4 of the DPA 98, but also a breach of Condition 12 of the Communications Act. (d) report the failure of Orange to comply with General Condition 13 of the Communications Act 2003. When Orange discovered its error, it demanded immediate payment for services allegedly used by you over XX period (though no bills had been supplied to permit you to verify these charges), and proceeded to [sUSPEND/DISCONNECT?] your services and moved to debt collection actions and to record the default, despite requests from you that matters be addressed properly [EXPLAIN IF YOU DISCUSSED ISSUES WITH PAYING IMMEDIATELY, OFFERED TO PAY IN INSTALLMENTS ETC). You are of the view that the actions of Orange were not proportionate, that Orange failed to give due warning, and failed to provide due written warning of the measures it may take to effect payment or disconnection, in breach of General Conditions 12 and 13 of the Communications Act. (e) ask whether Orange complies with guidance from the ICO, 'Filing defaults with credit reference agencies', the 'Guidance Note on Credit Referencing' (published in October 1995 and which has not been revoked) and the guidance note 'Data Protection Guidance on Debt Tracing and Collection' (published in 1998 and not revoked). If so, you would be pleased to learn how the requirements of both have been communicated to the appropriate business units and effective policies and procedures developed and implemented. It is your view that Orange has failed to comply with the DPA and ICO guidance. You note that the Information Commissioner took enforcement action in January 2008 against TalkTalk Telecom Ltd for identical breaches of the DPA experienced by you in this matter with Orange. It is unfortunate that you have felt compelled to now report your case to the ICO given the failures and incompetence experienced to date - you will use any findings by the ICO in legal proceedings should Orange fail to correct matters immediately. (f) ask Orange to cease processing your data in a manner that is causing you unwarranted harm and distress (including the disclosure of data reported to CRAs) pursuant to your right under Section 10 of the DPA 98. It is your view that the recording of the default has caused and continues to cause you distress that is unwarranted and that it has and continues to damage your financial status among other lenders and providers of communications services, and in turn prevents you securing loans and services at preferential rates etc. [EXPLAIN IF THIS AHD LED TO FINANCIAL LOSS AT ALL e.g. have you been declined a loan at a cheaper rate that has cost you £ .... It is your view that had Orange accurately and correctly processed your personal data, had it complied with the General Conditions and had Orange Customer Services acted professionally, competently and in an effective manner then your current distress and harm would not have materialised. (g) you are so concerned by your experiences that you have asked OFCOM to review Orange's compliance with the General Condiitons 12 and 13 in order that other customers do not suffer the same distress, harm and incompetence as you [END THE LETTER BY stating that you are surprised and distressed by the manner in which Orange has handled matters to date, and by the abrupt and dismissive manner of those with whom you have recently dealt) Good luck with your case ... if I can help any further let me know. Tadg

Buzby, Data controllers such as Orange need to ensure they verify the identity of persons making SARs ...... the copies of passports/drivers licences should be destroyed by a data controller once identity is confirmed. NONE of the data may be passed to a CRA ..... If a mobile operator were simply to ask for a mobile number and accopunt number how are they to protect against say an ex-partner asking for copies of itemised bills so they can find out their ex-partners new partner? In the end it is for Fuzzyfuzzy to to determine whether to send proof of id and see if Orange will simply accept mobile number and account number

Hi Fuzzyfuzzy, Yes, I would advise you to submit a 'subject access request' to Orange. Unfortunately Orange does not have a dedicated Data Protection Officer or Manager, and you will need to write to: Orange Customer Services, PO Box 10, Patchway, Bristol BS32 4QJ. I would mark the envelope with the words 'Data Protection Act 1998 - Subject Access Request'. Also send the letter by email to: legal@orange-ftgroup.com You will need to provide proof of identity (copy of passport or photo ID drivers licence) proof of address (your last Orange phone bill? or utility bill), a cheque for £10 and any other information (necessary) to help Orange locate the data sought by you (such as dates of letters/emails and addressee, date and time of calls + number call made from if you are seeking copies of any voice recordings, names of employees you have dealt with if you have this info. If you have have moved address since being an Orange customer you will need to confirm your old and new address. Also quote your Orange mobile number and account number - this really helps locate the data faster and more accurately. Re your letter, you should write along the lines below .. amending as you require: "Dear Sirs, Subject Access Request - Data Protection Act 1998 I wish to exercise my rights under Section 7 of the Data Protection Act 1998 (the DPA) to obtain a copy of of all personal data held about me by Orange, it's group of companies and any data processors acting on behalf of Orange. I have been/was a customer of Orange between xx and xx . My mobile number is/was, and my account number is/was. Specifically, I request that Orange provide the following information covered by the DPA: Section 7(1))b)(i) - what data is being processed and held about me. Section 7(1)(b)(ii) - what purposes is the data being processed for? Section 7(1)(b)(ii) - who has the data been disclosed to and is likely to be disclosed to (and for what purposes)? Under Section 7(1)©(i) of the DPA, please provide me with a copy of the information constituting the data which you hold about. This should include, but is not limited to: (a) all itemised bills held since XXX DATE (b) all information disclosed to credit reference agencies, including an explanation in plain English of any terms or codes used. This should include copies of the electronic files sent to the agencies © all information held by Orange's billing and collections teams relating to any alleged debts owed by me - including details of actions taken to notify and recover the debt. This should include copies of any correspondence, voice recordings or transcripts of recordings, plus any data held on systems uniquely maintained by those departments. I would also expect to receive details of any automated actions taken regards the alleged debt. (d) copies of any notices of Orange's intention to file a default with the credit reference agencies (including the media of such notices, the date they were were communicated and the means by which they were communicated). This information should have been supplied by Orange under the fair processing requirements of the DPA and General Condition 13 of the Communications Act 2003 and so should be readily available for disclosure to me. (e) copies of any voice recordings held in respect of calls made to Orange between XX and XX DATE from the telephone numbers XXXX, and received from ORANGE between XX and XX DATE on the telephone numbers XXX. (f) copies of any emails, memos or letters sent or received between either of the following: Orange Executive office/department, Orange legal department, the chief executive's office, external parties, and me. (g) copies of all customer service notes (whether held by the customer services team or other departments) together with an explanation in plain English of any terms or codes used. I should also like to take this opportunity to ask for details of the processes which customer service staff are requited to follow when csutomers report the inaccurate or incorrect processing of their data. I should also be grateful if you could confirm Orange's policy and practice on the recording of calls made to or from Orange customer services pursuant to the Regulation of Investigatory Powers Act 2000 and The Telecommunications (Lawful Business Practice) (Interception of Communications) Regulations 2000. You have a maximum of 40 days from receipt of this request in which to comply. The 40 days will end on XXXXXX. You will be aware that the Information Commissioner expects organisations to comply with subject access requests at the earliest opportunity and that organisations should not routinely treat the 40 days as a standard response time. I look forward to your reply and to receiving the data." I hope this helps Tadg

re my previous post - meant to say 'could it be this company'? Has your niece received any phone calls offering her mobiles? Has she taken out a mobile phone contract - in the past? - via a company in Blackburn?

They sell mobile phones on the 3 network TOWERS TELECOM LIMITED 5 TOWERS COURT DUCKWORTH STREET BLACKBURN LANCASHIRE UNITED KINGDOM BB2 2JQ

fuzzyfuzzy ,,, been away .. sorry for delay in reply. It is doubtful they will remove the default if you did owe them money. HOWEVER, they clearly have a case to answer over the manner in which they have dealt with you and the recording of your data. I would suggest you: (a) contact OFCOM and report ORANGE for failing to comply with it's obligations under General Condition 12 and 13 (above) - explain why - and ask OFCOM to investigate and confirm what it intends to do to ensure Orange and other telcos comply with the conditions. Ask them to provide details of their investigation (b) Report Orange to the Office of the Information Commissioner - you need to focus on the inaccurate processing of your information, beginning with the fact that they sent your bills to another customer .. then focus on the dates and amounts of the default and present the facts of any inaccuracies (help the ICO make a case!), also explain whether ORANGE gave you any notice of intention to file a default (either verbally or in writing).. ask the ICO to assess whether in their view the processing of your data - in respect of incorrect billing and recording a default - has been carried out in accordance with the requirements of the DPA 98 and their Technical Guidance on Defaults ... © mobile operators must belong to an Alternative Dispute Resolution (ADR) scheme (see http://www.ofcom.org.uk/advice/guides/complain.pdf) ORANGE .. belongs to CISAS (CISAS: Communications & Internet Services Adjudication Scheme) .. you can complain to an ADR if a company has not resolved your complaint within 12 weeks or if they have issued you a deadlock letter .. again, you can refer to the failure to comply with the general conditions and inaccurate processing .. etc As for the ICO and their view on mobile defaults .. I have significant experience working for large corporates and dealing with a range of regulators and trade groups in the area of data privacy compliance. I can assure you that the ICO does apply the guidance on defaults (and debt collection) to the mobile industry even though they may not be caught by the CCA - indeed, the ICO's technical guidance was written to avoid restricting it to CCA regulated agreements. The ICO is genuinely concerned about the harm that can be caused to an individual by the incorrect or inaccurate recording of data on credit files ... The ICO would look at a number of things in your case - the fact that Orange billed the wrong customer, whether you contacted Orange about this error and the response of Orange, whether Orange notified you of the debt and their intention to file a default (the DPA does not require such notice . but the ICO would look at it from a best practice perspective -but again, refer to the LEGAL obligation of Orange to notify you in writing of their intentions under GC13 above - the ICO would look at this) ..... inaccurate recording of the dates and/pr amount of a default) ......... the maximum period for recording a default is 6 months from the date the default occurred .. and the date recorded must be the actual date the account went into default and NOT the date the data were sent to a CRA .. normally, a default would be recorded by a mobile operator after approx 3 months .. some operators would use the date explained in the notice of intention to file a default ... Orange may did in it's heels and refuse to remove the default, ensuring only that it accurately reflects the amounts/dates etc .....

Fuzzy .. sorry, I've been away for Easter and couldn't respond sooner. I don't agree that the reference to the ICO's guidance on defaults is erroneous. From my experiencel, the ICO applies their guidance to 'defaults' recorded by mobile phone companies as robustly to 'defaults' recorded by financial institutions who extend loans regulated by the CCA. Mobile operators also follow this guidance in developing and implementing their debt collections strategies and activities - it would be unwise of them not to follow it (for a number of very good business reasons). One of the key points here - whether the CCA applies or not - is that ALL organisations that report financial information to CRAs are required to comply with the requirements of the Data Protection Act and consider any applicable guidance issued by the ICO. For example, Mobile operators are required to ensure that the date a default recorded on a CRA file reflects the date on which the account actually went into default (using a range of criteria) - as Buzby suggests, this could be 12 weeks following a failure to pay an outstanding debt. On the face of it, it seems that Orange made a number of mistakes in addition to you not checking payments were being taken. Orange should certainly have taken action sooner to contact you about their error in establishing wrong payment details, they should also have made you aware of their intention to file a default given the circumstances of your specific case. I would also suggest that given the billing errors, you have a case to argue that Orange failed to comply with its duty under General Condition 12 of the Communications Act 2003 and which requires mobile and fixed operators to provide subscribers - you - with itemised bills that show a sufficient level of detail to allow subscribers to: (a) verify and control the charges incurred; and (b) adequately monitor the Subscriber’s usage and expenditure and thereby exercise a reasonable degree of control over their bills. From what you say, Orange failed to supply you with bills for a significant period and so questions compliance with the above. Under General Condition 13, where a subscriber fails to pay their bills, any action taken by the operator to effect payment or disconnection shall: (a) be proportionate and not unduly discriminatory; (b) give due warning to the Subscriber beforehand of any consequent service interruption or disconnection; and © except in cases of fraud, persistent late payment or nonpayment, confine any service interruption to the service concerned, as far as technically feasible. Operators are required to send written details of the above measures to subscribers AND publish them on their websites. I shall leave it to you to decide what course of action is appropriate. You did owe money but Orange should also have made a better job of matters. I hope this has been of some help.

It's not quite as simple as that. First, though, you need to be clear whether you did owe Orange money for services received/used, why you didn't pay (were you in dispute?), whether Orange made you aware of the monies owed and their intention to file a default. The ICO guidance on defaults states: - Accounts should not be routinely filed as being in default where full payments or those due under a rescheduled agreement are fewer than three consecutive months in arrears. - Accounts should normally be filed as being in default where those payments due have not been received for six months. Are you able to provide more info?

Hi Buzby, My original post was in relation to the upgrade being made by phone. On taking out an 'upgrade' a customer enters into a new 12/18 month contract (or longer depending on the operator) .. I am still at a loss to see why the DSR does not apply in relation to the right to cancel the contract. Sorry

0=Payments are up to date. 8=The account is in ‘default’. You failed to keep to your credit agreement and have not responded satisfactorily to requests to bring your payments up to date, so the credit agreement has ended. It looks like you managed to succeed in getting them to repair your file. However, do you have only one entry or two entries for H3G on your credit file? If a new entry wasn't created when you upgraded that's great.

Has the default been removed from your credit file or marked as satisfied. If the former then well done.

Hi Buzby, I would have thought that the distance selling regulations apply - on upgrade a customer is entering into a new contract and entitled to the rights afforded by the same (especially where someone changes mind prior to receipt or on receipt of a new phone for example).

further to Buzby's advice, the DCA acts on behalf of H3G .. therefore, if you are submitting a subject access request for a copy of any data held about you (in relation to the debt/default) then remember to ask for info held by the DCA (including any voice recordings - again, you'll need the date/time of calls + the number calls made from/received on).

3UK's website states that: " .... to qualify for an upgrade, you’ll need to re-join 3 for at least 12 months. And if you’re happy to stay with us for 18 months, your offer may be even better." This seems like a new contract. Buzby your expert view would be welcome on this issue where people seem to be entering into a new contract (sold at a distance) and the general right to cancel within 7 days. ?