The data includes job application material such as references, and documentation related to grievances lodged by me and the associated legal proceedings against the University and others. (On my legal proceedings, see on this website: 'About the University of Leicester', 21 January 2010; 'Legal and other costs - the University of Leicester and others', 17 April 2010; 'Professor Bob Burgess (Vice-Chancellor, University of Leicester) and the honours system', 23 January 2011.)
The ICO's recommendation was issued after investigation of a complaint received from me in 2012, the ICO concluding that the University was likely to have breached the Data Protection Act in withholding the personal data when I presented a subject access request. The ICO also asked the University to take steps to prevent the situation from happening again.
The ICO's hands are not tied in such a situation: it could serve an enforcement notice on the data controller requiring it to disclose the information to the data subject. (Failure to comply with an enforcement notice is a criminal offence.) But the ICO has chosen not to do this, also not responding to certain of my representations about its position in this regard or to questions about the content of a telephone conversation between it and the University just before the University sent me the letter mentioned above advising that it would not disclose the data. (How can the ICO promote openness if it struggles to apply the concept to its own operations?)
The strength of the ICO's commitment to promoting the relevant standards has been questioned by Members of Parliament and others in various contexts. Matters raised by MPs have included concerns relating to the ICO's investigation into blacklisting in the construction industry.