There is surely an important difference between anonymity and
traceability.
An email can be traced back to the sender server but if sent
under a pseudonym needs cooperation of a third party (the
senders server operator or ISP) to identify the actual sender.
Releasing that information could itself be a breach of the DPA,
other legislation or a contract with the user. The information may
therefore only be obtainable using legal powers.
The receiver of an "anonymous" email has no way (on their
own) of identifying the sender. In response to a Data Subject
access request they would have no way of knowing that an
anoymous email came from that person so could not release it
to them. In that sense an anonymous email cannot be personal
data since it is impossible to readily relate it to a known
individual.
I do not think that the Data Protection Registrar would really
expect a witch hunt to find the sender of every anonymous email
just in case they need to be linked to other records. I certainly
have a life to live that leaves little time for that activity!
John Hitches
Kingston University
Date sent: Thu, 17 Feb 2000 11:39:15 +0000
Subject: Re: E-mail advice and DPA
From: [log in to unmask]
To: [log in to unmask]
Copies to: [log in to unmask]
Send reply to: [log in to unmask]
> # >Anonymous e-mail does not constitute Personal Data unless the
> # >pseudonym is
> how can email be anonymous? there will always be server route and
> at the end of the day the log files on the sender's server could
> identify a user despite the easy way to disguise yourself as
> someone else!
>
> # >Hope members agree?
> YES
> Sally Justice
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
|