Friends & colleagues
Let's get back to basics! An email address (or a mobile phone number, or a
landline number, for that matter) doesn't need to identify an individual to
be personal data, nor does it have to be unique to an individual. Assuming
it meets the criteria for being data in the first place (processed
automatically, or in a structured manual filing system etc etc), then it is
personal data if it relates to a living individual who can be identified:
(1) from the email address, or (2) from the email address and other
information which the data controller has or is likely to have. Like a lot
of other information, neither email addresses generally nor an email address
in particular are likely to be personal data in every case. Some email
addresses processed by a data controller may be personal data and others
not. The same email address may be personal data in the hands of one data
controller and not in the hands of another.
Durant doesn't change this. Durant makes us consider the context in which a
particular email address is processed by a particular data controller in
determining whether it relates to an individual. For example (ignoring the
issue of being in a structured file), in the FSA's file concerning Michael
Durant's complaint against Barclays Bank, the email address
"[log in to unmask]" [fictitious] which might appear on a copy of a message
from Barclays to Mr Durant does not relate to Mr Durant, whereas on the
original in Barclays' own file it does. The same email address appearing in
different copies of the same message is not personal data in the first
instance and is personal data in the second.
While Durant is important (it can make more work for us if we let it), to
those who cite it as redefining personal data, I say: "I'll see your Durant,
and raise you a Lindqvist".
There is no more an answer to "Email Address - Personal Data?" than there is
to "How long is a piece of string?"
Ian Mansbach
Mansbachs
Data Protection Practitioners
[log in to unmask]
phone: 0871 716 5060
international: +44 (871) 716 5060
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
http://www.jiscmail.ac.uk/help/commandref.htm
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|