In case any or you want to see the true potential for disaster, the Spanish
version of Big Brother (TV, poor taste, etc etc etc) was fined EUR1,081,990
for four separate breaches of duty by the Spanish system. [Source: Sergi
Gimenez of MULLERAT, at a seminar hosted by Nabarro Nathanson].
While the UK fines are piffling, and one might seriously consider "pay and
be damned", several other things are at risk, including:
* Reputation of the organisation. Can it AFFORD the adverse publicity
* Auditable cost of defending an action for damages
* Auditable cost of defending a criminal prosecution
* Personal stress at a pay level which leads one to believe stress is not
being paid for
* Ah yes. The rights of the Data Subject. Had to get that one in somewhere
* Non UK administrations with a different view of enforcement
There are more "hard things" in facing a legal regime than you can shake a
stick at. Organisations who pay at a clerical level for a remarkably senior
job role are making false economies. At risk of being highly controversial,
doing one's job "too well" lulls them into paying too little.
I am not advocating a slapdash approach to work, though. Rather I see a
serious issue with internal risk assessment. But the lower paid Privacy
Officer is in a cleft stick. They DO the work of a more correctly paid and
graded person because that is their job description, and failing to perform
creates personal risk. But if the post is regraded and paid at what I argue
are the correct levels for the enormous responsibility, and if they argue
successfully for this, they are unlikely to be carried forward with the
post. "This is too senior a role for you Mr Smith, we have transferred you
at current pay levels"
_____________________________________________________________
Tim Trent
Chief Privacy Officer EMEA
Gartner
EMEA Marketing, Tamesis, The Glanty, Egham, Surrey, United Kingdom,
TW20 9AW
Switchboard +44 (0)1784 431 611, Direct Line +44 (0)1784 267 335, Mobile +44
(0)7710 126 618, Fax +44 (0)1784 268 932
http://www.gartner.com
[log in to unmask]
The opinions expressed in this message are my own, and may or may not
reflect those of my employer. They are expressed as a part of the
discussion on the JISCMail mailing list on data protection and for no other
purpose. They have no legal standing and are offered as part of informed
and informal discussion. They may NOT be attributed to Gartner in any way.
Any personal data provided is provided expressly for use of discussions on
the JISCMail Data Protection Discussion list. Under the UK Data Protection
Act 1998 I expressly forbid any individual or organisation to make
commercial use of my data published either on the email list or in the
archives of that or other lists whether this message appears or not. This
includes messages already published in the archives.
-----Original Message-----
From: ALASDAIR WARWOOD [mailto:[log in to unmask]]
Sent: 10 October 2002 00:17
To: [log in to unmask]
Subject: Re: Salary Vs Risk
And how much does it cost to defend a court action? Plus what does it do to
the shareholder value/reputation of a commercial company that has a
reputation worth defending? Remember Gerald Ratner and his prawn
sandwich/gold earrings comparison!
----- Original Message -----
From: "Duncan Smith" <[log in to unmask]>
To: <[log in to unmask]>
Sent: Wednesday, October 09, 2002 5:22 PM
Subject: Salary Vs Risk
All this talk of salaries leads me to an interesting (controversial?)
thought.
Given that the largest fine handed out by the Information Commissioner
(Annual report 01/02) appears to be less than £8k (to poor old London
Borough of Havering), does it make economic sense to hire someone at
£25k (£50k with all associated benefits and 'usual' on-costs) to manage
responsibilities inherent with Data Protection Act 1998 (and FOI I
guess)?
I haven't seen any claims for compensation through the courts yet, nor
have I seen any really juicy 'reputational damage' issues.
I am reminded of Jeremy Clarke's 'bangernomics' (run a £250 car into the
ground and buy a new one, rather than pay £400 in servicing).
Regards,
Duncan S Smith
Principal Consultant
Mailto:[log in to unmask]
M: +44 (0)777 556 8180
T: +44 (0)1480 461 671
CoProfiles
"The Process of Improvement"
----------------------------------------------------------------
The information transmitted is intended only for the person or entity to
which it is addressed and may contain confidential and/or privileged
material. Any review, retransmission, dissemination or other use of, or
taking of any action in reliance upon, this information by persons or
entities other than the intended recipient is prohibited. If you
received this in error, please contact the sender and delete the
material from any computer.
The information contained in this correspondence is not intended as
legal advice or counsel, and is not represented as such by the sender.
Company Profiles makes no warranties or statements regarding the legal
acceptability of the information presented in this correspondence. Any
actions performed as a result of this information are of the recipient's
own choosing.
CoProfiles Huntingdon UK
-----------------------------------------------------------------
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
www.jiscmail.ac.uk/user-manual/summary-user-commands.htm
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
www.jiscmail.ac.uk/user-manual/summary-user-commands.htm
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
www.jiscmail.ac.uk/user-manual/summary-user-commands.htm
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|