I have some Tribunal decisions on disk which I think was provide by the
OIC - unless they were provided to me (in my capacity as a member of the
Tribunal) by the Tribunal secretariat?
Alasdair Warwood
----- Original Message -----
From: "Ian Welton" <[log in to unmask]>
To: <[log in to unmask]>
Sent: Thursday, February 13, 2003 2:36 PM
Subject: Re: What Use is Notification?
By High Speed Gas and Goldfish I relate to the British Gas and Goldfish
Credit Card incident and Tribunal case. (OCPR Fourteenth Annual Report -
Appendix 6 (I think))
http://www.dataprotection.gov.uk/dpr/dpdoc.nsf/ed1e7ff5aa6def30802566360045b
f4d/d7894e2c1568311380256892004232f2?OpenDocument
As I understand it British Gas decided to use their customer data to direct
mail customers in order to start a credit card company (Goldfish),
unfortunately somehow overlooking the data protection principle issues.
They were eventually found to be in breach, meanwhile a significant number
of peoples data had been misused. Should BG have perhaps been asked to give
every one of the data subjects involved a one pound gas refund?
Test bed cases, little advertised, and now no longer easily available (which
a simple database holding DP tribunal/court decisions could resolve - rather
than having to remember and search through the relevant OIC annual report or
Encyclopedia on DP) do little to support DP practitioners in the field who
may not necessarily have the funding to gain sufficient training to be
personally aware of the dangers for their organisation; Which itself may not
necessarily be in a rush to allow them to become aware, or not aware itself.
After all, knowingly or recklessly is enabled as a defence by those
organisations who chose that particular ethical path. Hard luck for the
grief the underpaid DPO gets meanwhile though.
DPO's trawling other means of information to set the peices in order can be
a cheaper method, but not necessarily as effective in a commercial world
where the time taken searching equates to financial costs, and it is easier
and more beneficial for a focus on data audit to be maintained in order to
ostensibly maintain data privacy.
Yours freely MS£ :-)
Ian W
> -----Original Message-----
> From: This list is for those interested in Data Protection issues
> [mailto:[log in to unmask]]On Behalf Of Ian Welton
> Sent: 13 February 2003 13:05
> To: [log in to unmask]
> Subject: Re: What Use is Notification?
>
>
> The DPA provides precisely the protection both Tim and the
> others state.
> The history behind the DPA indicates the legislation was
> originally intended
> to protect privacy though.
>
> There are sufficient exemptions contained within the DPA to
> allow for no
> individual privacy at all, should it be wished. The DPA is
> clearly there
> primarily for organisational and commercial protection, rather than
> protecting an individuals privacy.
>
> Which is why it provides so many opportunities for
> organisations to abuse
> the individual trust put in them.
>
> Consider High Speed Gas and Goldfish. Was that a one off,
> which people
> learned from, or are similar abuses ongoing today?
>
> Ian W
>
> > -----Original Message-----
> > From: This list is for those interested in Data Protection issues
> > [mailto:[log in to unmask]]On Behalf Of Turner,Tim
> > (Corporate Resources)
> > Sent: 13 February 2003 10:17
> > To: [log in to unmask]
> > Subject: Re: What Use is Notification?
> >
> >
> > Without wishing to create a huge digression...
> >
> > This question presupposes that the Data Protection Act
> might exist to
> > protect privacy. The word privacy does not appear anywhere in
> > the Act. The
> > emphasis on privacy that comes from the Information
> > Commissioner relies on
> > Article 8 of the Human Rights Act and the subsequent link
> > with the 'lawful'
> > bit of DPA, rather than anything inherent in DPA that
> > protects privacy. I've
> > always thought the Data Protection Act as a series of
> > procedures to regulate
> > how personal information is used, rather than something
> based on more
> > fundamental principles. If we have a right to privacy, it's from the
> > European Convention on Human Rights, rather than DP.
> >
> > Therefore my answer to this question is definitely yes.
> >
> > Just a thought
> >
> > > -----Original Message-----
> > > From: Ian Welton [SMTP:[log in to unmask]]
> > > Sent: Thursday, February 13, 2003 9:49 AM
> > > To: [log in to unmask]
> > > Subject: Re: [data-protection] What Use is Notification?
> > >
> > > So is data protection more about assuring accuracy of a
> > data subjects data
> > > and then giving control to an organisation
> > > as a means of facilitating organisational efficiency and
> > social cohesion
> > > than protecting individual privacy?
> > >
> > >
> >
> >
> >
> **********************************************************************
> > This email and any files transmitted with it are confidential and
> > intended solely for the use of the individual or entity to whom they
> > are addressed. If you have received this email in error
> please notify
> > the system manager.
> >
> > This footnote also confirms that this email message has
> been swept by
> > MIMEsweeper for the presence of computer viruses.
> >
> > www.mimesweeper.com
> >
> **********************************************************************
> >
> > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> > All archives of messages are stored permanently and are
> > available to the world wide web community at large at
> > http://www.jiscmail.ac.uk/lists/data-protection.html
> > If you wish to leave this list please send the command
> > leave data-protection to [log in to unmask]
> > All user commands can be found at : -
> > www.jiscmail.ac.uk/user-manual/summary-user-commands.htm
> > (all commands go to [log in to unmask] not the list please)
> > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> >
>
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> All archives of messages are stored permanently and are
> available to the world wide web community at large at
> http://www.jiscmail.ac.uk/lists/data-protection.html
> If you wish to leave this list please send the command
> leave data-protection to [log in to unmask]
> All user commands can be found at : -
> www.jiscmail.ac.uk/user-manual/summary-user-commands.htm
> (all commands go to [log in to unmask] not the list please)
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
www.jiscmail.ac.uk/user-manual/summary-user-commands.htm
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
www.jiscmail.ac.uk/user-manual/summary-user-commands.htm
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|