Thanks for that Paul ...it has confirmed my reasons for withholding third
party information relating to my SAR.  As we all know the Act is there to be
tested!
Doreen Broom
Data Administrator
Scottish Borders Council
Council HQ
Newtown St.Boswells
Melrose
Borders  TD6 0SA

Tel: 01835 824000


> -----Original Message-----
> From: Paul Ticher [SMTP:[log in to unmask]]
> Sent: 09 March 2001 12:52
> To:   [log in to unmask]
> Subject:      Re: Fees for subject access
>
> I agree that Susan's scenario is realistic, but the Act doesn't actually
> mention the business of whether or not the Data Subject already knows the
> Third Party data.  The Act says that if the Third Party has refused
> consent
> the part of the data that relates to them does not have to be released
> unless it is reasonable to go ahead without consent (s.7 (4) and (5)).
>
> The Act then says that in deciding whether it is reasonable to release the
> data without Third Party consent you have to take into account 'in
> particular' any duty of confidentiality (etc.)  (s.7 (6)).  In Susan's
> case
> it is clearly reasonable for the Third Party to withhold consent,
> especially
> because you owe them a duty of confidentiality.
>
> The question of 'did they already know the information?' is an example
> provided by the OIC to illustrate a case where withholding consent might
> not
> be reasonable, but in the context where the Third Party is an official
> providing information in the course of their work (para 7.6 of the OIC
> paper
> on 'Subject Access Rights and Third Party Information').
>
> I've done a flow chart on 'do you have to release third party
> information?',
> which I think is clearer than the OIC one appended to the paper mentioned
> above.  Available on request as a .doc attachment.
>
> Paul Ticher
> Information Management
> 0116 273 8191
> 22 Stoughton Drive North, Leicester LE5 5UB
>
> ----- Original Message -----
> From: GOULDING, Susan - NC <[log in to unmask]>
> To: <[log in to unmask]>
> Sent: 09 March 2001 10:55
> Subject: Re: Fees for subject access
>
>
> > Would also like to respectfully disagree with Ian's comment in a similar
> way
> > to Peter's opinion below.  Sometimes an organisation might have to take
> into
> > account the wider picture, for instance, the possibility of
> recriminatory
> > actions as a result of disclosure, viz the following (genuine, but
> seriously
> > abridged) scenario:-
> >
> > There is a SAR for a case involving estranged partners where one has
> made
> > allegations against the other.  The requester knows who made the
> allegations
> > and asks for the data. There is a duty of confidentiality to the the
> person
> > making allegations & with respect to advice given, yet the requester is
> > clearly also a data subject.  A database search by the requester's name
> > reveals the relevant records although the parties do not have a surname
> in
> > common.
> >
> > To disclose third party data in this case, on the grounds that it was
> > plainly evident that the requester did indeed know who made the
> allegations,
> > would have broken client confidentiality and shirked contributory
> > responsibility for any subsequent outcome - e.g. possibly including
> > violence, legal proceedings, etc.
> >
> > Cowardice or pragmatism?
> >
> > -----Original Message-----
> > From: Peter Wilson [mailto:[log in to unmask]]
> > Sent: 09 March 2001 09:42
> > To: [log in to unmask]
> > Subject: Re: Fees for subject access
> >
> >
> > Ian wrote - Unless of course the data subject already knows the identity
> of
> > these third parties in which case there is no reason to withhold nor
> even
> to
> > seek consent.........
> >
> > Disagree - The subject may well know the identity of TP. It is the data
> that
> > is the key.  If after reading the reference you feel that releasing
> would
> > not come back to haunt  YOU  (from TP)  Release . (I & you know there
> > shouldn't be - but - heh this is the REAL world.)   If however you feel
> > there might be something, and after asking the TP for consent which is
> not
> > given - it would be a very brave DPO who would release.  Your call.
> >
> > Peter
> >
> >
> >
> >
> > E-mail: [log in to unmask]
> > Website: www.keepitlegal.co.uk
> >
> > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> >     If you wish to leave this list please send the command
> >        leave data-protection to [log in to unmask]
> >             All user commands can be found at : -
> >     www.jiscmail.ac.uk/user-manual/summary-user-commands.htm
> > all commands go to [log in to unmask] not the list please!
> > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> >
> > Peter Wilson
> > Data Protection Officer
> > University of Paisley
> >
> >
> >
> > Legal disclaimer
> > --------------------------
> >
> > The information transmitted is the property of the University of Paisley
> and
> > is intended only for the person or entity
> > to which it is addressed and may contain confidential and/or privileged
> > material.  Statements and opinions expressed in this
> > e-mail may not represent those of the company.  Any review,
> retransmission,
> > dissemination and other use of, or taking
> > of any action in reliance upon, this information by persons or entities
> > other than the intended recipient is prohibited.
> > If you received this in error, please contact the sender immediately and
> > delete the material from any computer.
> >
> > --------------------------
> >
> > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> >     If you wish to leave this list please send the command
> >        leave data-protection to [log in to unmask]
> >             All user commands can be found at : -
> >     www.jiscmail.ac.uk/user-manual/summary-user-commands.htm
> > all commands go to [log in to unmask] not the list please!
> > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> >
> > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> >     If you wish to leave this list please send the command
> >        leave data-protection to [log in to unmask]
> >             All user commands can be found at : -
> >     www.jiscmail.ac.uk/user-manual/summary-user-commands.htm
> > all commands go to [log in to unmask] not the list please!
> > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>     If you wish to leave this list please send the command
>        leave data-protection to [log in to unmask]
>             All user commands can be found at : -
>     www.jiscmail.ac.uk/user-manual/summary-user-commands.htm
> all commands go to [log in to unmask] not the list please!
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^


________________________________________________________________

This e-mail is privileged, confidential and subject to copyright.
Any unauthorised use or disclosure of its contents is prohibited.
The views expressed in this communication may not necessarily
be the views held by the Scottish Borders Council.
_________________________________________________________________

^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
    If you wish to leave this list please send the command
       leave data-protection to [log in to unmask]
            All user commands can be found at : -
    www.jiscmail.ac.uk/user-manual/summary-user-commands.htm
all commands go to [log in to unmask] not the list please!
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^