Once you publish on the web, how can you control who accesses the data and
what they then do with it? You can publish terms & conditions of site use,
but you can't force someone to comply (except by the remedy of protracted &
costly legal action, no doubt) and you may never discover any abuse.
If the data subjects are agreeable to this risk & understand what they are
letting themselves in for (including spamming) they can at least make an
informed choice about whether to be included on the website or not.
Re: question 2 - have I misunderstood? You've asked your club members if
you can publish their details on the web. Then you want to use this list
commercially using the argument that it's in the public domain. How does
that work? It's in the public domain only because you put it there! If you
got consent to publish the list, couldn't you have obtained consent for
other proposed uses at the same time?
In a non-web environment, you presumably wouldn't hand out the membership
list or individual details without consent. Once the data has been
published on the web, it's less about a waiver of individual rights, more a
question of the limits of your practical ability to protect the published
data.
regards
Su
Su Goulding
Audit Assistant/Data Protection Co-ordinator, NSPCC
020-7825-1393
[log in to unmask]
-----Original Message-----
From: Graeme Shanks [mailto:[log in to unmask]]
Sent: 22 January 2001 12:28
To: [log in to unmask]
Subject: Contact Details
I would be grateful for any advice the group can give me on the following:
If contact details for a club or society are on an Internet site and the
data subjects are made aware that their information will be available to
anyone with access to the World Wide Web and have given consent that their
data may be used for this purpose how does the fact that the data is
available on the Internet change things? ...
1. Can this data be compiled by another individual/organisation for direct
marketing purposes without seeking consent from the data subject to hold the
information or has the data subject waived such rights by allowing it to be
published on the web?
2. Can the data controller of the internet database pass any data to another
individual/organisation without obtaining consent from the data subject if
the information is available in the "public domain" anyway i.e. the
Internet?
Regards,
Graeme
|