Can You Deny a DSR if the Request is Weaponized?

Welcome!

Share and discuss the best content and new marketing ideas, build your professional profile and become a better marketer together.

All Posts People Badges

Tags (View all)

Data Privacy IDT Tech Privacy DSR Data Mapping

About this forum

Can You Deny a DSR if the Request is Weaponized?

DSR

28 Views

CKonnect

You work for a fintech company. A known troublemaker — someone who has previously harassed your support staff and left multiple fake reviews — suddenly raises a Right to Access and Right to Rectification request under the DPDPA. You suspect the intent is to burden your team and gather internal data to fuel more public complaints.

You’re tempted to push back or delay. After all, the person’s clearly acting in bad faith. But can you?

How would you respond?

Can intent or motive be used to deny or delay a data subject request under GDPR or DPDPA?
What safeguards or red flags should you document internally before making a decision?
If you do respond, how would you protect your team from further harassment while still staying compliant?

Use this case to explore the fine line between lawful refusal and lawful obligation.

Enjoying the discussion? Don't just read, join in!

Create an account today to enjoy exclusive features and engage with our awesome community!

Related Posts		Replies	Views	Activity
You’ve Received a Vague Data Access Request — What Now? DSR		0 May 25	48
How Would You Respond to a "Right to Be Forgotten" Request from an Ex-Employee? DSR		0 May 25	35

Welcome!

This question has been flagged

Enjoying the discussion? Don't just read, join in!

Follow us