Is not most of the data collected by the ISP's actually owned and controlled
by the customers (as data controllers). If so it does not matter where the
processing takes place as the data controllers still have a responsibility.
The legislation clearly states that 'data controllers' are responsible for
the data they may be processing and that 'data processors' can only lawfully
act under the direct instruction of the data controller. (Are not ISP's data
processors as well as data controllers.)
Whilst this is only a very simplistic view, as many customers of ISP's are
domestic customers, it does seem that business generally has not yet
addressed this area of their responsibilities.
This whole area appears to be back to front at the moment.
Ian
----- Original Message -----
From: Tim Chown <[log in to unmask]>
To: Duncan S Smith <[log in to unmask]>
Cc: Data Protection discussion group <[log in to unmask]>
Sent: Thursday, March 16, 2000 9:08 AM
Subject: Re: Direct Mktg. and Lists (spam)
> On Thu, 16 Mar 2000, Duncan S Smith wrote:
>
> > 3. How 'legal' is the practice of collecting information abut peoples'
> > purchasing and browsing habits from an e-commerce web server log (MS
Site
> > Server), and how should I gain informed consent from the 'net surfer'?
>
> I would hope UK servers fall under the Act, and I would hope the Act can
> be a means by which "spam" electronic or paper mail can be reduced.
>
> But surely a site can just place their server "offshore" to dodge the Act?
>
> tim
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
|