At 10:44 15/06/00 +0100, Spencer Gasson wrote:
><Snip>
>I'm not quite sure how this would work on an Intranet since it is an internal
>version of a printed list, but suspect the same would apply.
You can publish on an intranet without getting prior consent, as you
can argue that the condition set out in Schedule 2 Para 6(1) of the
DPA applies:
"The processing is necessary for the purposes of legitimate interests
pursued by the data controller or by the third party or parties to whom
the data are disclosed, except where the processing is unwarranted in
any particular case by reason of prejudice to the rights and freedoms
or legitimate interests of the data subject."
For an organisation to function properly, an internal directory is
essential.
So, you can have an opt-out policy for inclusion of details in an
intranet Web directory, but you'll need an opt-in policy for the public
Web directory to be on the safe side.
Best wishes,
Adrian
Adrian Tribe <[log in to unmask]>
Web Editor, Birkbeck College, University of London
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
|