I thought they already had its content prior to the legislative changes
under the Representation of People Act to control such use. Their challenge
being to maintain the accuracy of records re persons moving, I note they
attempt this in one way by letting subscribers and vistors to their site
provide them with data. They may also seek to purchase post office address
file data as another source. I suspect issues are a bit like bolting the
door after the horse has bolted.
Mind you haven't been tracking recent debates around 192.com data access.
Im still waiting for them and other data controllers to notify me that they
have personal data on me obtained from a third party source. Surely it must
have been 'processed' on their systems by now. What are the legislative
safeguards which exist over such processing if 'disproportionate effort' is
argued as the reason not to advise the data subject of the minimum
information the Act requires?
Article 11 of 95/46EC (the underlying directive from which the UK Act was
created) states
-------------
Information where the data have not been obtained from the data subject.
Where the data have not been obtained from the data subject, Member states
shall provide that the controller or his representative must at the time of
undertaking the recording of personal data or if a disclosure to a third
party is envisaged, no later than the time when the data are first disclosed
provide the data subject with at least the following information, except
where he already has it:
a) The identity of the data controller and of his representative;
b) The purpose of the processing;
c) Further information such as
- the catagories of data concerned
- the recipients or catogories of recipients
- the existance of the right of access to and the right to rectify the data
concerning him.
in so far as such further information is necessary, having regard to the
specific circumstances in which the data are processed, to guarantee fair
processing in respect of the data subject.
Paragraph 1 above does not apply where, in particular for processing for
statistical purposes or for the purposes of historical or scientific
research, the provision of information proves impossible or would involve a
disproportionate effort or if the recording or disclosure is expressly laid
down by law. In these cases Member States shall provide appropriate
safeguards.
------------
Question - If the interpretation is that notifying all persons on the
electoral register by all purchasers of it is 'disproportionate effort' (and
I suggest you could also interpret the directive text a different way in
relation to 'in particular'). Then exactly where are these 'safeguards'
written into legislation and how do they apply to those obtaining the
electoral roll for non electoral purposes?
Im getting old, so come on those of you with more nimble academic minds help
me out.
David Wyatt
----- Original Message -----
From: "Colette Healiss" <[log in to unmask]>
To: <[log in to unmask]>
Sent: Thursday, December 12, 2002 2:22 PM
Subject: [data-protection] 192.com
> Dear All
>
> Can anyone advise on what is the up to data position re 192.com getting
> hold of the electoral role.
>
> Cheers
> Colette Healiss
> IT Strategy and Regulation
> St Helens Council
> Town Hall
> Victoria Square
> Telephone 01744 456052
>
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> All archives of messages are stored permanently and are
> available to the world wide web community at large at
> http://www.jiscmail.ac.uk/lists/data-protection.html
> If you wish to leave this list please send the command
> leave data-protection to [log in to unmask]
> All user commands can be found at : -
> www.jiscmail.ac.uk/user-manual/summary-user-commands.htm
> (all commands go to [log in to unmask] not the list please)
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
www.jiscmail.ac.uk/user-manual/summary-user-commands.htm
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|