In a message dated 31/05/2001 09:24:37 GMT Daylight Time,
[log in to unmask] writes:
<< Now I'm confused I was of the opionion that if the images were clear enough
that a person could be identitified then their image should be blurred etc
to avoid a third party disclosure, the intention of the data subject being
irrelevant, I can't find anything in section 7 of the Act that requires the
data controller to obtain information as to the intention for requesting
subject access.
Is this the new case? has jon bamford been misquoted?? >>
--------
Probably.
There is nothing in the Act requiring the controller to ask why a data
subject wants the data, and nothing requiring the data subject to tell them.
If I were you, I'd stick to the "third party" rules as laid down, i.e seek
consent unless it is not possible or necessary in the circumstances. It may
be possible to leave the images in, even if the third party is a university
employee who attacks a member of the public for submitting a subject access
request.
Ian Buckland
MD
Keep IT Legal Ltd
Please Note: The information contained in this document does not replace or
negate the need for proper legal advice and/or representation. It is
essential that you do not rely upon any advice given without contacting your
solicitor. If you need further explanation of any points raised please
contact Keep I.T. Legal Ltd at the address below:
55 Curbar Curve
Inkersall, Chesterfield
Derbyshire S43 3HP
(Reg 3822335)
Tel: 01246 473999
Fax: 01246 470742
E-mail: [log in to unmask]
Website: www.keepitlegal.co.uk
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
www.jiscmail.ac.uk/user-manual/summary-user-commands.htm
all commands go to [log in to unmask] not the list please!
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|