Adrian
Some quick personal thoughts as one of the subscribers who work in DPA in
the commercial sector
As a subscriber I believe that it is arguable that the list contains
personal data about me. I do not recall I was aware that the list was an
open list when I joined or that opinions attributed against my name may be
seen beyond the subscribing members. I do not usually access the list by web
browser, simply participate by email.
I recall discovering on my first web access that I could find all the
articles I had commented on by a name search. At this point I started to
drop my companies name from emails and now participate only from home in my
own time. From my security background I am also conscious of the security
failings of the web and the way email addresses are collected for junk mail.
To date this has not been a problem from mailbase use but a mirror on his
public web site abroad could give increase risk of this occurring.
If the information is argued as personal data (opinions of identifiable
subscribers) then you would appear to need to be prudent in advising all
subscribers that their comments are public domain. They can then choose
whether to continue to participate (implied consent) or possibly switch to
pen names and anonymous emails addresses as a practical step to prevent any
possible spin offs. Whether the resultant admin is easy for Jisc or yourself
to manage or whether you would wish to is only one you can answer.
David Wyatt
-----Original Message-----
From: This list is for those interested in Data Protection issues
[mailto:[log in to unmask]]On Behalf Of Adrian Tribe
Sent: 25 January 2001 15:21
To: [log in to unmask]
Subject: Mirroring of discussion list archives
Dear colleagues,
I have been asked by someone in Turkey whether he can mirror on
his local (public) Web site the messages sent to a jiscmail list
that I own, so that the students and staff at his academic
institution can follow the list without clogging up his limited
bandwidth by all being subscribed individually. It all sounds
very worthy etc, but...!
His argument is that as there is already an archive accessible
world-wide from the jiscmail.ac.uk Web site, there aren't really
any further DP considerations. I'm not happy with that argument.
At the very least I feel I would have to inform the list members
that personal data (name and e-mail address at least) of
contributors would be being stored and displayed via a Web site
in Turkey as well as the UK, although how would I deal with it if
someone objected? What other issues should be considered here?
On one level I realise that this is all rather petty stuff, and for
all I know, this sort of thing is going on all over the place, but
as the list owner in this case, I would like to try to do the
right thing!
Thanks.
Best wishes,
Adrian
Adrian Tribe <[log in to unmask]>
List owner, [log in to unmask]
|