My personal view
I still cannot convince myself that a photograph on its own is 'personal
data' subject to the DP Act.
Personal data has to identify a living individual. Whilst a photograph can
undoubtedly do this it only does so if you associate it with a name. Does
the London Eye as the potential data controller have this name or is it
information they are likely to obtain as a consquence of their service to
their customers.
Doesn't seem to me they collect a name for all users of the service. To be
an 'individual' whom London Eye can identify you have to be uniquely
identified from only that data the data controller has or can legally
obtain. Is such data routinely obtained e.g Does the London Eye need to know
the identity of all users of the ride because of saftey / security
obligations? Where would they legally get such data if not from the
individual. Some other data may be available to them as potential data
controllers such as credit card details but without a clear process this may
not be readily linked to ride location, in addition some customers will pay
by cash. The Photo can become part of a set of personal data in their
possession but it does appear the set would exist in every case.
There are undoubtedly other issues which may arise regards unauthorised
photography which are not DPA related.
If the purpose of the photograph is saftey/security related it may only be
connectable to other information if an incident arises however whether the
London Eye would/could match to other data in their possession or that which
someone can legally disclose to them or whether they would provide the photo
to a TP such as the Police would appear to have a bearing on who has a set
of 'personal data' and whether the Act applies to it.
I remain to be convinced, but have an open mind, given other potential data
which can exist. If you made a subject access request for the photo would
you get a copy for ?10, What does London Eye charge normally for souvenier
photographs?
Now knowing this list I'll duck ;-)
David Wyatt
> -----Original Message-----
> From: This list is for those interested in Data Protection issues
> [mailto:[log in to unmask]]On Behalf Of Charles Oppenheim
> Sent: 14 May 2001 15:24
> To: [log in to unmask]
> Subject: data protection implications of the London Eye
>
>
> As anyone who has visited the London Eye will be aware, they take a photo
> of groups of visitors as they enter the Eye. Photos of those groups are
> then on display at the exit. It is therefore very easy to see (and in
> principle identify) individuals who were on the Eye recently, or are
> following you.
>
> A colleague was unhappy about being photographed in this way and asked not
> to be included, but was told by a London Eye official "sorry, you are
> required to be photographed, this is a condition of being allowed on the
> Eye". This was a verbal explanation. No conditions of this type were
> indicated on booking forms or tickets.
>
> Does this break any data protection Principles?
>
>
> Professor Charles Oppenheim
> Dept of Information Science
> Loughborough University
> Loughborough
> Leics LE11 3TU
>
> Tel 01509-223065
> Fax 01509-223053
>
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> If you wish to leave this list please send the command
> leave data-protection to [log in to unmask]
> All user commands can be found at : -
> www.jiscmail.ac.uk/user-manual/summary-user-commands.htm
> all commands go to [log in to unmask] not the list please!
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
www.jiscmail.ac.uk/user-manual/summary-user-commands.htm
all commands go to [log in to unmask] not the list please!
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|