Are we not missing something here?
The law requires data is processed fairly and lawfully - the fair part
ensuring we (the data subject) understand the likely consequences of
giving the DT our info. Achieved in my opinion, although the use of
terms like 'agents' could be hiding something. The lawful part achieved
no doubt through Schedule 2 (6).
So what about my rights to opt-out of direct marketing?
"An individual is entitled at any time by notice in writing to a data
controller to require the data controller at the end of such period as
is reasonable in the circumstances to cease, or not to begin, processing
for the purposes of direct marketing personal data in respect of which
he is the data subject"
So there doesn't have to be an opt-out tick box. This is a device that
has become common (best?) practice, but is not explicitly referred to in
the Act. In processing the personal data fairly, the DT have provided
contact details for individuals to exercise their rights under the Act.
(Note that my position is different when referring to 95/46/EC, where
individuals have the right "to object, on request and FREE OF CHARGE, to
the processing of personal data relating to him which the controller
anticipates being processed for the purposes of direct marketing". The
free of charge element (NOT carried into UK legislation) is best
facilitated buy an opt-out box in my view.
Some observers have pointed out that the phrase in the Act "any further
information which is necessary, having regard to the specific
circumstances in which the data are or are to be processed, to enable
processing in respect of the data subject to be fair" suggests the
opt-out box should be present. I have always argued that the opt-out
box is a mechanism for facilitating the rights and not 'further
information', which might in some way alter the data subject's actions.
For those that argue I can not prevent the DT from passing my personal
data to other data controllers before I can exercise my rights to
opt-out, I say "welcome to the real world of technology and personal
data". This is how it works! So if you do not want to have to write to
all the data controllers suggested by the DT, don't submit your personal
data in the first place. You were warned in their ‘fair processing
information’.
Regards,
Duncan S Smith
Principal Consultant
Mailto:[log in to unmask]
M: +44 (0)777 556 8180
T: +44 (0)1480 461 671
CoProfiles
"The Process of Improvement"
----------------------------------------------------------------
The information transmitted is intended only for the person or entity to
which it is addressed and may contain confidential and/or privileged
material. Any review, retransmission, dissemination or other use of, or
taking of any action in reliance upon, this information by persons or
entities other than the intended recipient is prohibited. If you
received this in error, please contact the sender and delete the
material from any computer.
The information contained in this correspondence is not intended as
legal advice or counsel, and is not represented as such by the sender.
We makes no warranties or statements regarding the legal acceptability
of the information presented in this material. Any actions performed as
a result of this information are of the recipient's own choosing.
CoProfiles Huntingdon UK
-----------------------------------------------------------------
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
www.jiscmail.ac.uk/user-manual/summary-user-commands.htm
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|