Some observations
Isn't section 29(3) only applicable in relation to prevention / detection of
crime or taxation. The person data relates to has to be the suspect under
investigation. As I understand it the section is open for use by anyone who
can justify the activity of preventing or detection of crime.
I would also put the onus on the requestor to justify if they have any
statutory right access. If not you can always say no to any request. Where
such statutory access exists it can be accompanied by offences by the
disclosee relating to obstruction . The requestor should then however be
making a request via Section 35 if that was the case. However it is not
uncommon to find confusion of the differences between Section 29 and Section
35 when requests made.
Under Section 29(3)b requests, the non-disclosures exemptions of section
27(4) only kick in where applying them (e.g. first principle notifying a
data subject the data is collected and disclosed) would predjudice the
prevention or detection of the crime under investigation. Is the knowledge
of the disclosure and processing always predjudicial to any criminal
investigation. A section 29(3)request should declare this fact
A section 29(3) request by its nature is an indication of no statutory
access rights by the requestor and therefore permits choice on the disclosee
on whether to provide the data sought. In such case to keep your costs down
make the requestor do all the work to justify their access and ensure they
put it in writing.
I would re-check with the requestor to ensure the extent of their authority
in making their request e.g. Why do they not have any statutory authority to
request such data? A challenge you can raise with them is whether you can
approach the data subject for consent to disclosure to them. Getting consent
to non-statutory disclosures via data subject consent protects a data
controller better than a 29(3)request. It is also a sight easier to
administer particularly if the data subject is on you staff
Hope this assists
David Wyatt
> -----Original Message-----
> From: This list is for those interested in Data Protection issues
> [mailto:[log in to unmask]]On Behalf Of
> [log in to unmask]
> Sent: 18 March 2002 17:17
> To: [log in to unmask]
> Subject: Re: UK Immigration Service
>
>
> ** Reply to note from Gwenan Owen <[log in to unmask]>
> Mon, 18 Mar 2002 15:02:36 -0000
>
>
> > We've had a request from the UK Immigration Service to confirm
> the student
> > status of someone - they are asking under s.29(3) of the DP Act 98. This
> > particular student is now a member of staff here - I don't know
> if this makes
> > a difference.
> >
> > Amazingly I've never had to deal with this type of request
> before and wonder
> > if anyone could confirm the UK Immigration Service's powers to
> request this
> > info from us?
>
> Was that student an overseas student? If yes read on, if not
> excuse me ...
> old age.
>
> There was some debate a while back about telling/not telling the home
> office (Aliens department as I remember). I was told we did not have to
> tell.
>
> At the time I took the view that by giving a letter of acceptance to the
> student and stating the length of course etc we enabled the
> student to get a
> visa hence we HAD TO tell. Not the case.
>
> ----------------
>
> In practical terms though.
>
> Make sure your member of staff has a work permit just in case and
> if s/he has
> not got one DON'T TELL the list.
>
> Charles
>
> ==============================================
> Charles Christacopoulos, Management Information Officer,
> Planning & Information Group, University of Dundee, Dundee DD1 4HN,
> Scotland, United Kingdom.
> Tel: 44(0)1382-344891. Fax: 44(0)1382-201604.
> http://www.somis.dundee.ac.uk/ http://somis2.ais.dundee.ac.uk/
>
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> All archives of messages are stored permanently and are
> available to the world wide web community at large at
> http://www.jiscmail.ac.uk/lists/data-protection.html
> If you wish to leave this list please send the command
> leave data-protection to [log in to unmask]
> All user commands can be found at : -
> www.jiscmail.ac.uk/user-manual/summary-user-commands.htm
> (all commands go to [log in to unmask] not the list please)
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
www.jiscmail.ac.uk/user-manual/summary-user-commands.htm
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|