The General Data Protection Regulation (GDPR), introduced in 2018, was designed to give individuals greater control over their personal data. One of its key provisions is the Right of Access, which allows you to ask an organisation what information it holds about you, and to understand why and how it is being used. This process is carried out through a Data Subject Access Request (DSAR).
Every individual has the right to know and obtain information about how their personal data is being processed. You can exercise this right easily, at reasonable intervals, and use it to verify the lawfulness of data processing that has taken place or is ongoing.
If you are in a dispute with your University, submitting a DSAR is highly advisable. If the University uses an external provider—such as a Human Resources consultancy (e.g. B3Sixty), a lawyer, or a barrister—you may submit DSARs to them as well. Similarly, if you have appealed to external regulators such as the Information Commissioner’s Office (ICO) or the Office for Students (OfS), you are entitled to investigate how they handled your case.
That said, few people hold the OfS or ICO in high regard — so submitting a DSAR to them is mainly for those who enjoy a touch of dark comedy.
There is no legal requirement to use a form when making a DSAR, but it is recommended. A standard example — taken from the University of Cambridge — is reproduced below (also available on their website here). The form must be accompanied by proof of identity, such as a scan of passport or driving licence.
The only tricky part of the form is the section asking for a “Description of your Request, including information to help us locate the personal data you seek.” Organisations are only required to carry out reasonable and proportionate searches, so a very broad or vague request is likely to fail.
A useful model is:
“I would like to exercise my right under the Data Protection Act to access personal data held or being processed by the University in the matter of [BRIEF DESCRIPTION]. Please provide me with copies of any correspondence, minutes, notes, Teams meetings, WhatsApp messages, or emails between 1 January 2023 and 31 December 2023 from or to [NAME OF INDIVIDUAL(S)] regarding events at [NAME OF DEPARTMENT or INSTITUTION], insofar as they include my personal data. This includes (but is not limited to) relevant correspondence with other members of the University or external advisers.
It is important to name specific individuals who may hold your data (such as your Head of Department or HR staff) and to give a clear indication of the subject matter (e.g. events surrounding my promotion claim or a grievance made against me). A timeframe of around one year is considered reasonable.
By law, organisations must respond to a DSAR within one calendar month of receipt. In complex cases, the deadline can be extended by up to two additional months, but the organisation must notify you within the initial month and explain the reasons for delay.
If an employer or colleague deletes emails or messages to avoid disclosing them in response to a DSAR, this constitutes a serious GDPR violation. Unfortunately, not all institutions treat DSARs with the required seriousness — indeed, earlier this year, two Heads of School at Cambridge were implicated in a DSAR scandal for concealing records and keeping the secrets safe.
The graph at the top of the article shows the number of DSARs submitted annually to Cambridge University over the past five years (with the 2025 figure extrapolated from current data). The curve is steeply rising, which reflects a growing willingness among staff and students to challenge how their data is used. In many organisations, a sharp rise in DSARs would signal a breakdown of trust: people resort to formal legal rights when they believe ordinary processes for fairness, transparency, and accountability have failed.
In Cambridge’s case, the trend strongly suggests a deep-seated cultural problem — one where disputes are mishandled, information is withheld and staff feel compelled to use GDPR as a last line of defence.
51 Comments
TheResearcher · 1 September 2025 at 09:14
This post is interesting, and it will hardly surprise those who interacted with the Information Compliance Office of the University of Cambridge. Requests are typically considered “complex” so that they have more time to redact the material; if you ask explanations about why they considered the request complex, or why so many pages were redacted—some come without a single word visible!—they say that they do not need to give further explanations and that we can request a review from the Data Protection Officer. Incidentally, the Data Protection Officer is outsourced from Trilateral Research, perhaps to give the impression that the DPO is independent, but for this DPO the university is always right. If you ask how you can complain about them, they say:
“Please note that there is no complaints mechanism available either through the University or Trilateral Research. The DPO must operate independently and without the risk of penalisation for the provision of their advice.”
Anon · 1 September 2025 at 11:12
“The DPO must operate independently and without the risk of penalisation for the provision of their advice.”
When one finally gets sight of what was under some redactions which the DPO had so carefully and independently justified, the idea of suppressing “the risk of penalisation for the provision of their advice” starts making a lot of sense…
TheResearcher · 1 September 2025 at 11:44
This university is currently an absolute circus. Very many senior members are aware of it and either actively contribute to the appalling situation or pretend they do not know it. This DPO and the Information Compliance Office are no different.
.
Valerian · 1 September 2025 at 12:29
This is so true. There is a common misconception that when institutions are in their “last days” and facing just moments to disaster – I think here somewhat prosaically of the Roman Empire prior to the Imperial Crisis, or more recently, the final days of the Soviet Union – that no-one is aware of what is wrong, and this ignorance results in being blindsided by foreseeable (yet unforeseen) calamity. The sadder reality, alas, is that often by the end everyone is aware of the problems that have compiled internally – yet is equally also aware that there exists not one person with the motivation and the capacity to turn things around before it is too late.
Investigator · 1 September 2025 at 22:35
One could easily file an FOI or GDPR request with Trilateral Research directly to request the answer to this question (number of DPO complaints referred back by category and date).
It would also be possible to identify from ICO data the organisations that Trilateral works with, and see what has happened to their GDPR compliance / complaints since adopting Trilateral as their DPO.
I know for a fact that the Cambridge complaint record is exceptionally bad since 2018 so this could be quite telling.
21percent.org · 2 September 2025 at 06:37
This is a very good idea. We will do this and post the results.
TheResearcher · 2 September 2025 at 09:15
That is a good idea indeed. Until then, we can play with ChatGPT:
“Beyond Cambridge (and its Press & Assessment), I couldn’t find another UK university currently listing a third-party company as its statutory DPO on the ICO register.”
“Beyond serving as the external DPO for the University of Cambridge, Trilateral Research Ltd also serves as the external DPO for both the V&A Museum and its commercial subsidiary, V&A Enterprises Limited.”
Accountant · 4 September 2025 at 11:50
If there are so few clients in relation to DPO work then it would be reasonable to infer that a personal connection was involved in securing the contract. That is especially so were there an absence of any prior clients for this specific service prior to the contract with the university. It is clear to state that that in itself is no reason to suspect wrongdoing but evidence should exist to demonstrate the existence of a competitive tender process among multiple parties. Beyond that point I wonder if board of scrutiny could ascertain the prices paid for all such services to date. That seems an important matter of internal accounting. In particular if other universities have adopted the lower cost solution of appointing an experienced third party individual to such a position.
ValleyVoice · 2 September 2025 at 11:10
I am not familiar with the work of Trilateral Research, so will not comment upon that. But what I can say is that from my experience, companies offering this kind of AI-based compliance outsourcing merely serve to ensure that their clients provide the “syntax” of legal compliance (that is in terms of how responses are worded) but not the “semantics” of actual compliance (e.g. actually actioning a GDPR request by providing the legally mandated documentation required by law).
The purpose for this is to fool regulators: so that when they conduct a review, they are deceived in to believing that the organisation has complied with the law, when in fact they have broken it.
Such behaviour is grossly unethical. Again I am not familiar with Trilateral but if there is a student in the field of AI ethics who is in search of a research project, this would prove an excellent study in how AI tools might serve to subvert the law instead of uphold it.
TigerWhoCametoET · 2 September 2025 at 14:09
This would reflect a more general problem with LLMs (and LLM based tools) no? As by design they can only imitate human syntax rather than semantics?
Popper · 2 September 2025 at 14:34
There is no means by which a third-party AI tool could verify GDPR compliance – unless it had been given access to the server backend (client accounts containing all emails, documents and messages held by the institution). You would need that data to provide the “ground truth” of whether information was unfairly withheld.
Correct me if I am wrong but my understanding was that DPOs as third parties are not permitted any such access. Therefore – insofar as DPOs only audits the written responses of the university without knowing the underlying reality – the point made by ValleyVoice seems potentially applicable in this case also. A DPO could only advise a client on how to present the impression of compliance – rather than identifying concrete failures in adherence to the law.
SPARTACUS · 1 September 2025 at 09:43
UCam does not respect the DSAR process! Registrary, HR and the Legal office manipulate it the same way they do with everything else! UCam is a toxic place!
SPARTACUS · 1 September 2025 at 20:27
UCam under the American Queen is doomed. Her team is terrible: Registrary, Head of HR and ProVCs are a bunch of nobodies that combine incompetence, cronyism, lack of moral compass, and a sense of oligarchy entitlement! Add to that an atmosphere of fear, sense of doom and toxicity and you have the perfect recipe for disaster! The Press is lurking and Tribunals and Courts will be busy for years! Mediocrity now reins where excellence should! Moral decrepitude is pervasive! A 800 year history is not respected! World class people and research programmes have been destroyed! This has to stop! Chancellor Lord Smith might still rescue the place if he has the required courage!
SPARTACUS · 2 September 2025 at 21:01
These exchanges only confirm what this gladiator knows: UCam oligarchy (Anerican Queen, her accolites and all senior management) is deeply contemptible, unethical, incompetent, unlawful and corrupt! UCam is in deep decline and a toxic academic environment!
Bloody right · 2 September 2025 at 22:26
Bloody right!
Father Ted · 1 September 2025 at 21:03
What happened to the teddy bear?
Beatrix · 3 September 2025 at 18:16
Teddy Bear had been playing in the little garden behind the house, where daisies nodded in the sun and butterflies flitted lazily about.
Suddenly he tumbled rather badly over a mossy stone, and his arm gave a little twist.
“Oh, my hurty paw!” said Teddy, sitting upon a patch of soft clover. He looked around, hoping no one had seen his tumble, for Teddy was a brave little bear, and a proud one too.
Just then, Nurse Emily came strolling along the garden path, her little bag bouncing with every careful step. “Oh, Teddy Bear!” she exclaimed, kneeling beside him. “Let me see your hurty paw.”
Teddy held it out, wincing slightly. Nurse Emily hummed a soft little tune and wrapped the arm in a neat, soft bandage. “There we are, all better,” she said, smiling a little wanly.
But as she stood up, her foot caught on a tangle of ivy and bramble, and down she tumbled with a small plop into the clover. “Oh dear!” said Teddy Bear, rushing to her side. “You’ve hurt yourself too, Nurse Emily!”
Emily laughed gently, a tiny blush on her pale cheeks. “It seems even nurses need a bit of care now and then,” she said, patting Teddy Bear’s head.
So there they both sat, side by side, in the warm sun, bandages neat and hearts full, while the daisies nodded and the butterflies danced, reminding them that a little tumble was never so bad when friends were near.
SPARTACUS · 3 September 2025 at 19:15
Who is teddy bear? Nurse Emily I register 🙂
TheResearcher · 3 September 2025 at 20:20
Tim (Teddy Bear)? Check the post “Keeping the Secrets Safe” from 26 February 2025. But I might be wrong…
TeddyProblems · 4 September 2025 at 13:05
Traditionally, the University dealt with people raising awkward problems by trying to break them. That is, they set out to cause maximum emotional distress to them through endless delays, spurious reasons to do nothing or corrupt investigations. Their thuggish legal department played a role here, as well.
However, psychological warfare cuts both ways.
There is increasing evidence that those carrying out HR’s bidding are becoming increasingly concerned at the legal implications of their actions. The scale of HR’s damage to the University & the sheer number of investigations that are bungled means that this is a significant drain of time & energy for say Heads of School.
So, it is not just the victims that are breaking, It is also those engaged in the misconduct.
TheResearcher · 4 September 2025 at 13:43
“Their thuggish legal department played a role here, as well.”
And I thought that “the Legal Services Division does not advise students or staff members in an individual capacity.” This statement was made by the Legal Services Division itself, namely to a person who had evidence from data subject access requests that the Legal Services had advised senior Professor of the institution on how to behave in a case of misconduct, as given in a sequence of emails and in the phrase, “Just to confirm I have shared this with Legal Services to seek their advice.”
Most of these people are mentally very weak. Their main advantage, and it is a big one, is having a reputable institution supporting them. But when this breaks, and sooner or later it will break, they will break as well. We all need to keep pushing.
Mole · 4 September 2025 at 17:27
It is already happening. Everyone knows moment of reckoning close. People positioning themselves for the aftermath. Goal now is to 1) avoid all blame 2) present as being on the right side all along and 3) rise in the ranks after.
No to NDAs · 4 September 2025 at 13:51
Also see previous post here: https://21percent.org/?p=2593
“There are numerous ways that such HR witnesses can help if they prefer not to place themselves at risk. For example, by passing on any reliable hard evidence of corruption and abuse that they may have access to (when possible), especially to those victims that have placed themselves at considerable risk to try to bring an end to this catastrophic situation at our Universities. This would also have a positive impact on those HR members that are being harmfully impacted and also want change.”
Mole · 4 September 2025 at 18:02
Multiple competing factions within HR. Think: remnants sidelined by current cartel, disillusioned new hires, those who know right from wrong. Admittedly largest faction may be 9-5ers who want to keep employed / heads down. But their peeling away has left core clique to put their own fingerprints on all the knives.
TheWhistler · 4 September 2025 at 18:09
Also major report incoming on very senior figure in HR
Some bullets can’t be dodged
TigerWhoCametoET · 5 September 2025 at 08:18
When is the report due? Will it be public?
ABC · 4 September 2025 at 19:13
One can imagine that the heads of the administration would love to investigate then fire all members of this group then ramp up the pressure until every last person cracks. But they know this would immediately bring themselves personally into the spotlight of the police and press not to mention a wave of accusations and disclosures from their own disillusioned staff. They have been treading a fine line for years in knowing that at any moment a single deep whistleblower, criminal investigation or (god forbid) act of serious self-harm may send the whole house of cards collapsing. They have engaged that risk willingly and knowingly and negligently. No good person can abide by it and we all have a duty to make sure this risk is removed entirely.
21percent.org · 4 September 2025 at 20:33
1-28th June 2026, Bury St Edmunds Employment Tribunal should be the coup de grâce
Louis SJ · 4 September 2025 at 20:58
pour ceux qui ont agi sans grâce
qu’il n’y ait pas de grâce
SPARTACUS · 4 September 2025 at 21:07
This gladiator knows of other cases currently in litigation that will further tarnish the University! The School of Clinical Medicine is the scenario for one of the greatest scandals that will be eventually exposed! World leading research, outstanding research leaders and a fantastic laboratory have been destroyed as a result of demonstrably false allegations! The University leadership knows this and is desperate to keep it away from public scrutiny! Stay tunned…
TheResearcher · 4 September 2025 at 21:31
We really need stories in major newspapers ASAP. The legal gang is currently very busy with narratives of “defamation” in major newspapers to delay the inevitable, but they will not be able to keep it hidden for ever. We must all keep pushing it, from different departments and different schools. When it becomes clear that the behavioural patterns are the same across the university, it is game over.
Lorem Ipsum · 5 September 2025 at 02:19
Multiple rumours of press office confusion over whether can defame members of staff in communications to the major newspapers. With no fact checking or awareness of liability. This from within uni admin. Utter circus.
21percent.org · 5 September 2025 at 06:51
Let’s say Dr X takes a story to the press.
Newspapers have to get the university’s side of any story, so the story is then sent to Malcolm Tucker at the University press office for comments.
Plenty of opportunity for Tucker to make remarks about trustworthiness of Dr X
“Dr X has an axe to grind after failure to get promotion”, or “Dr X designed the Nazi float at a far-right conference”, or “Dr X likes whisky and fireworks”
Tucker does what is needed to spike the story 🙂
TheResearcher · 5 September 2025 at 08:21
According to “They have fangs, they have teeth” ChatGPT can also help with the elaboration of creative counter-stories!
But if the story of Dr X gets delayed or blocked, then Dr Y has to try and contact the newspapers; then Dr Z, and so on until the letters of the alphabet are exhausted. Mr Tucker cannot use the same story for all the staff and students of the university.
Anon · 5 September 2025 at 11:19
Similar strategy for replies to the Information Commissioner’s Office.
“OK so Professor Creeps was given unjustifiable access levels to IT systems and spying on colleagues via the WiFi logs… Do rest assured that “internal processes have been followed”
But what you really need to know is that Professor Z only reported that as part of an on-going dispute with Professor Creeps…”
TheResearcher · 5 September 2025 at 11:36
“internal processes have been followed”
Ahahah that was exactly what a Head of Department said to the for Director of Talent, Inclusion & Funding Delivery of BBSRC after covering up a case of harassment and not following the Terms & Conditions of the Grant of a Fellow he hosted in his Department. When the Fellow eventually sent data from subject access requests to BBSRC showing that the Head of Department had provided false information, their reply was that they had been reassured (verbally!!) by the host institution that the internal processes and procedures had been followed. What a circus…
InThe*OfIt · 5 September 2025 at 13:13
One wonders whether even Tucker by now has gotten cold feet at the scale of the deluge…
21percent.org · 5 September 2025 at 13:57
The deluge swells and engulfs ….
We are aware of a huge, jaw-dropping scandal that the University Press Office is either grappling with now (or is about to in the next week or two).
It is completely unrelated to any scandal so far discussed on the 21 Group blog.
Even the original Malcolm Tucker, on peak form, would struggle to cope with this one.
Our prediction is reputations will be swept away!
IntheLoup · 5 September 2025 at 14:02
All these scandals have now become a game of “pass the potato”. No-one wants to be the last one holding when they explode. Needless to say those doing the passing know the explosive nature of the material but share nothing with those they pass to…
SPARTACUS · 4 September 2025 at 21:13
This gladiator knows of at least one Head of School directly involved in a gigantic scandal where said Head was himself seriously bullying people in an attempt to destroy one of the most accomplished members of his faculty. Tic tic tic tic
Eileen Nugent · 5 September 2025 at 00:03
I think one of the current problems with HR in high pressure environments is that HR staff are conditioned to identify cases where an individual raising concerns/grievances is ‘overly sensitive’ as this can then be used to ‘solve’ the problem by making a declaration that the individual raising concerns/grievances is ‘overly sensitive’ and therefore an individual with a personal problem that is not work-related and the concerns therefore do not need to be investigated any further.
The problem with this HR approach is that it is incomplete. In addition to identifying whether an individual as ‘overly sensitive’ it is also necessary for HR to identify what the individual is ‘overly sensitive’ to in order to identify cases where the individual is ‘overly sensitive’ to systemic problems in HR. In such cases declaring an individual ‘overly sensitive’ and using this as a basis of dismissing all their concerns in the presence of significant systemic problems in HR is evidence of a relative insensitivity to systemic problems in HR by the person making that declaration and a demonstration of the lack of any oversight of HR at the systems level by the person making that declaration.
SPARTACUS · 4 September 2025 at 19:09
This gladiator states the obvious: the problem with HR comes from the top! University Head of HR, and School Head of HR, work in tandem with Registrary and Legal Office to be the executioners of what the University oligarchy want to happen to a given victim. Willing faculty participate as Responsible Person. Their recompense: leadership roles at UKRI, Regius Professorship at King’s College, Heads of House at the richest Colleges. The whole thing is corrupt to the core! UCam is rotten!
Eileen Nugent · 5 September 2025 at 01:36
Can’t see Cambridge reaching a state of being corrupt to the core – all manner of hermits lurking in Cambridge’s core – individuals HR has lost all contact with, some decades ago. Engaging in psychological warfare against individuals selected for high mental capability to work in a high functioning community that generates functional neurodiversity through high levels of specialisation is not going to generate predictable outcomes for HR.
Eileen Nugent · 5 September 2025 at 03:53
I never saw any evidence of HR staff in the school of physical sciences wanting/attempting to engage in psychological warfare – HR staff in the school of physical sciences seemed to want to do their HR role to the best of their ability within the constraints set by others in the organisation – constraints HR staff in the school of physical sciences had no power to alter – and to get on with their own lives.
I found it hard to judge the central HR team – it is possible that individuals in the central HR team do lack the foresight that would prevent any rational individual from engaging in psychological warfare against individuals in an organisation that selects individuals for high mental capacity to build highly functioning communities that are competitive at an international level, some of which specialise in psychology & psychiatry.
SOS · 5 September 2025 at 08:20
Observing or experiencing people engaging in psychological warfare is extremely difficult. Because psychological warfare affects one’s ability to “observe”, particularly to observe rationally.
A victim of psychological warfare often does not realise what is being done, because malice and deception is part of the warfare and because the detriment they are experiencing has an effect on their mental health.
A victim who becomes suspicious and questions the decision-making, may be accused of being over-sensitive, unreasonable or prone to attributing motive to others. At the same time, the experience of psychological warfare, including the gas-lighting that comes with it causes trauma, because it is an experience of violence.
Processes and reasoning behind HR advice and decision-making will be presented and made to appear as “inevitable”, “beyond our control”, set by policies or by employment law, or perhaps even by senior management. In more insidious cases decision-making may even be presented as a form of “safeguarding” justified by duty of care. In the midst of all these “constraints” the advisor then is really only “doing their best” for the victim or the target.
And then a careful look at the policies, at the legal information, at DSAR evidence, at the soundness of the reasoning provided throughout – perhaps aided by informed and expert external advice – reveals that all the hurdles and the constraints never were beyond the actors’ control, but very much within it. That the decision-making was made unilaterally to generate maximum detriment.
That realisation further adds to the trauma. It is frightening and distressing, because it is a realisation that the harm and violence was deliberate and unnecessary, and that no safeguarding is being provided against it by the institution.
- · 5 September 2025 at 08:50
It is organized psychological violence. The consequences are fully foreseeable.
Panpan · 5 September 2025 at 13:02
Not only foreseeable but forewarned – and then real. That is why the need to act is now.
The madness must stop before any more souls are harmed.
Eileen Nugent · 5 September 2025 at 12:34
For clarity – there were individuals in the organisation who could have removed the constraints in my case – these individuals were not HR staff working at the level of the department or school.
In terms of the central university response – it’s possible there was psychological warfare at play i.e. one individual/a group of individuals not working in the interests of the university spotting an opportunity to drive an already difficult & complex cases that arose accidentally (and without any intent) in a direction calculated to be the most likely to generate a state of maximum risk for the university.
It’s important to be open to all possibilities in life.
Eileen Nugent · 5 September 2025 at 14:56
Irrespective of the precise details of how these situations are arising there is extreme risk in them both for individuals and for the university.
I was complying with a set of legal obligations to the University of Cambridge – my interests were aligned with those of the University of Cambridge – that alignment acted as a guide line that eventually brought me through this complex and difficult situation, mental health in tact.
We often think of legal obligations as burdens – an this is true – but it is also possible that legal obligations to an organisation also act as organisational safeguards provided by that organisation, guide lines others before us discovered the need for and long ago laid down for us to enable us to safeguard ourselves and others in times of organisational uncertainty and give individuals in the organisation the best chance of emerging from that organisational uncertainty stronger and with newer more precise guide lines to safeguard individuals in the organisation and the organisation itself in future.
I did try looking for individuals in the University of Cambridge to safeguard me until I realised that the position I held within the University of Cambridge meant it was possible that no other individual in the University of Cambridge was responsible for safeguarding me and that I should instead look to the University of Cambridge itself i.e. to the legal obligations the University of Cambridge had given me when I entered that position as it was possible that the University of Cambridge in giving me those legal obligations – organisational burdens – was also giving me the mechanism to safeguard myself and that organisational safeguarding took a different form in that position – complying with legal obligations to the University of Cambridge – and not seeking out other individuals whose responsibility it was to safeguard me as there may be none.
Eileen Nugent · 6 September 2025 at 00:25
When I first realised that I had a set of legal obligations to the university I did try to get legal advice because I initially thought that taking and following legal advice was what safeguarded individuals in these situations and that this was what responsible individuals in them should always do – true to a first approximation – but I subsequently came to realise that an individuals fully understanding their legal obligations is what safeguards individuals in these situations.
Once I realised that key point I stopped trying to take legal advice from legal advisors [and to switched to finding and interpreting good sources of legal information – written by legal academics, judges, solicitors, legal regulators, journalists, writers, activists] to reduce the probability of reaching a state of extreme financial distress and to increase the probability of finding the most optimal way to comply with what was a complex set of legal obligations to the university by eliminating all unnecessary potential conflicts of interest – potential sources of representation errors, potential distortions in thinking – that could introduce inaccuracy into an already complex legal analysis.
This approach is not one I would have taken had I ended up in other whistleblowing situations but for that particular situation – specific set of legal obligations – it seemed to be the safest option and the one most likely to generate the most efficient and rational approach to complying with that set of legal obligations to the university – which included some new legal obligations e.g. those relating to the regulation of work-related stress which are more complex that they first appear and are in the process of being understood.
There were many points in time when I questioned whether I should have taken the standard approach to complying with these legal obligations – take and follow legal advice from suitably qualified legal professionals – instead of the approach I took but now when I see how whistleblowing cases could be handled and the societal progress that could be driven by handling them in a more efficient and rational way and I compare it to how whistleblowing cases are currently handled – based on individuals and organisations taking and following professional legal advice – I feel the approach that I took was – eventually – safer and that complying with these legal obligations to the University of Cambridge did safeguard me and did also guide me to a better approach to whistleblowing situations – one which which could benefit individuals, organisations and society.
OSCCA 101: The Student’s Guide to Complaints - 21percent.org · 7 September 2025 at 07:55
[…] five years, the culture of Cambridge University has deteriorated substantially, as judged by the numbers of Data Subject Access Requests. These are often used by individuals in dispute with the University. They are a rough proxy for the […]