In a message dated 06/11/2000 10:34:33 GMT Standard Time,
[log in to unmask] writes:
<< I'm with Martin, by and large, on this one - common sense has to prevail.
Abuse of the legislation is a two-way street and not simply protecting some
of the more unsavoury business practices, there is also some anecdotal
evidence of zealotry. >>
-------------------------------------
Common sense HAS to prevail, no doubt about that one. Most of us can,
however, tell the difference between cases of child protection, crime
prevention and junk mailing.
For those that cannot, however, here is a quick summary:
<<A Social Services Department allegedly told a concerned telephone caller
that they couldn't act on her worries about a neighbour's child unless the
caller herself told the family she was going to contact social services -
she was told this was because of data protection. It potentially places the
caller at personal risk, and ignores the SSD's overriding obligation to act
in the interests of child welfare (Children Act 1989) - because dp doesn't
exist in a vacuum. No telephone Helpline system could operate if this
attitude were adopted. It's not helpful and distorts the perception of what
dp is there to do.>>
This processing would be allowed, nay required, under the Child protection
Act 1989 and processing for purposes required by law meets conditions for DPA
without the need for consent.
---------
<<Another cautionary tale comes from a drug outreach group who were being
pressured by police to hand over details of the people they deal with. They
were reluctant, unsure of the intentions of the police in this respect.
(The drug users may well be committing crimes to support their habits). To
demonstrate their commitment to "information sharing" and openness, the
police then presented the drug team with a desk containing sheaves of
personal files ready to be inspected. The relevance of handing over these
files didn't seem to be an issue - it was gesture politics intended to get
to the holy grail of information they actually wanted (the drug team
declined to co-operate).>>
This disclosure might be in the public interest provided it did not infringe
the rights of the individuals - let's not forget the Human Rights Act 1998.
---------------------
<<- Dates of birth are used for fraud prevention purposes
- The address to which people should write when objecting to the receipt of
direct mail is in the process of being changed (the decision has been taken,
the material is at the printers or awaiting the software programmer to fight
her way through the floods and make the necessarty changes to the web site)
- I am horrified that you havn't received a reply to any letter sent to the
One 2 One Data Protection Manager - but you know who it is now so there
should be no excuse!>>
Dates of birth do not prevent fraud, the person should not be misled as to
any matter of fact (e.g. identity or address of data controller) and everyone
has the undeniable right not to have their personal details processed for
direct mailing purposes.
---------------
So there you have it, in a nutshell, free advice from someone who believes he
DOES understand the Data protection Act 1998, who also believes he takes a
pragmatic view and who does realise that decisions have to be taken in the
real world.
However, in some cases, people do make the wrong decisions in both directions
- sometimes over-protecting the individual and at other times protecting the
interests of the data controller regardless of the rights of the data subject.
So let's get real - if the comments you read about a particular case or
example are not to your liking it does not necessarily follow that the
respondent is liberal, PC, anti-establishment or whatever.
At least it raises awareness of the issues, and if you make a management
decision on a particular issue you will have seen both sides of the argument
and it will be an informed decision rather than made in ignorance (which is
no defence, as they say).
Ian B
MD
Keep IT Legal Ltd
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
|