> The only problem with this theory is that many employees are not given a
> choice when it comes to e-mail addresses. The norm is that IT department
> chooses it for you and gives you:
>
> [log in to unmask]
>
> The data controller is therefore disclosing your details to the whole
world,
> often without your consent, don't you agree?
Well I don't really want to make a great song and dance about this. However
I don't quite agree. I think the data subject is dislosing their details by
posting the email, rather than the data controller by assigning an email
address. There is the analogy of the snail mail address: anyone can look up
where Fuji Bank is located, for instance: I don't accuse my data controller
in this instance of disclosing my details, even though my business address
is easily obtained by virtue of my employment.
A more important consideration however is the content of the email itself,
which many folk think is relatively secure. There are innumerable web sites
(UK based) which solicit visitors to use email to transfer personal data. It
was this to which I was alluding as potentially breaching the Act at least
in spirit.
Tim
--
Tim Wright
IT Security Manager
Fuji Bank, London
----- Original Message -----
From: <[log in to unmask]>
To: <[log in to unmask]>
Cc: <[log in to unmask]>
Sent: Thursday, March 23, 2000 12:06 PM
Subject: Re: Misuse of work computers
> In a message dated 23/03/2000 11:56:29 GMT Standard Time,
> [log in to unmask] writes:
>
> "It's my view from a data protection angle that anyone who sends an email
via
> the Internet is putting its contents and as much personal info as goes
with
> it (email address etc) in the public domain."
>
> Hi Tim
>
> The only problem with this theory is that many employees are not given a
> choice when it comes to e-mail addresses. The norm is that IT department
> chooses it for you and gives you:
>
> [log in to unmask]
>
> The data controller is therefore disclosing your details to the whole
world,
> often without your consent, don't you agree?
>
> But in terms of the original thread, I would agree that monitoring all
> e-mails (after informing staff that you will intercept and there's no such
> thing as a private e-mail) is a good idea if you have an e-mail policy to
> enforce.
>
> Ian Buckland
> MD
> Keep IT Legal Ltd
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
|