Paul Ticher on Thursday, December 18, 2003 at 3:10 PM said:-
> What is
> dangerous is an efficient information system with no system
> of oversight, or with significant restrictions on subject access.
Quite. I was under the impression that police intelligence had a formulated
set of rules which had been agreed nationally, were fully compliant with DP
and police requirements, and were then implemented locally. I suppose, with
relating to sensitive data, they were locked away, so only the appropriate
people had access to them; Exactly the type of situation which can often
lead to things being forgotten over time, and one DP practitioners sometimes
find frustrating.
Ian W
> -----Original Message-----
> From: This list is for those interested in Data Protection
> issues [mailto:[log in to unmask]] On Behalf Of
> Paul Ticher
> Sent: Thursday, December 18, 2003 3:10 PM
> To: [log in to unmask]
> Subject: Re: DP weeding
>
>
> My rule of thumb for Principle 5 is: "If it is conceivable
> that someone might ask you for the information in the future,
> and it would matter that you didn't have it, then it is still
> 'necessary' to keep it." I know this just moves the issue to
> whether it would 'matter' - and to whom - but I do think
> there can be a public interest justification for keeping
> information even if the Data Subject doesn't want you to.
> The retention has to be 'fair', of course, which is not the
> same as saying that the Data Subject must agree. (It's fair
> to send the kids to bed in good time when there's school the
> next day. That doesn't mean they like it.)
>
> Data Protection - especially in the public sphere - is often
> about balancing different interests, so these concerns won't
> go away. But I must say I'm a bit surprised that the police
> apparently have such ineffective data systems. I took it for
> granted that the state already had this massive amount of
> carefully compiled data on everyone, and the arguments were
> about whether they should keep even more. Obviously not. If
> they did, the key balancing safeguard is subject access, so
> that unfair or inaccurate data can be challenged. What is
> dangerous is an efficient information system with no system
> of oversight, or with significant restrictions on subject access.
>
> Paul Ticher
> 0116 273 8191
> 22 Stoughton Drive North, Leicester LE5 5UB
>
> I hereby require any recipient of this message not to use my
> personal data for direct marketing purposes.
>
>
> ----- Original Message -----
> From: "Peter Lane" <[log in to unmask]>
> To: <[log in to unmask]>
> Sent: Wednesday, December 17, 2003 9:37 PM
> Subject: Re: DP weeding
>
>
> > Ian makes an interesting point . . .
> >
> > "I had also been under the firm impression there were nationally
> > agreed weeding rules for many police computing systems".
> >
> > There are nationally agreed weeding rules, formulated by ACPO and
> > signed
> off
> > by the Information Commissioner. I was involved in one issue
> > following
> the
> > introduction of the ACPO weeding rules whereby an individual had
> complained
> > (S.42) that their conviction (violence) was being retained
> on the PNC.
> The
> > compliance manager at the Commissioners Office made it quite clear
> > that notwithstanding the fact that the retention was in
> line with the
> > weeding rules, in this particular case the conviction should be
> > removed as it was breaching the 5th principle. I do not
> know how the
> > issue was finally resolved as I believe it went back to the
> ACPO Data
> > Protection Committee
> for
> > consideration. In one sense it seems that the Police can
> not do right
> > for doing wrong. I can however see the Information Commissioners
> > point of
> view
> > though (they have already responded to Channel 4 news) that a
> > judgement needs to be taken in each case. As Ian points out I was
> > also under the impression that the type of intelligence as
> described
> > in the Soham case could be retained by the Police as long
> as regular
> > review periods were documented and maintained.
> >
> > Peter Lane
> >
> >
> > -----Original Message-----
> > From: This list is for those interested in Data Protection issues
> > [mailto:[log in to unmask]]On Behalf Of Ian Welton
> > Sent: 17 December 2003 20:04
> > To: [log in to unmask]
> > Subject: DP weeding
> >
> >
> > I heard with interest a comment made in a BBC news item tonight
> > relating
> to
> > the Soham case:-
> >
> > http://news.bbc.co.uk/1/hi/uk/3328533.stm
> >
> > Quote:-
> >
> > " 'Differing interpretations'
> > The second weakness related to the 1984 Data Protection
> Act. "We had
> > been informed by the Information Commissioner that the Data
> Protection
> > Act does not allow retention of information purely for
> employment
> > vetting," he said.
> > He said there were differing interpretations of what was
> required by
> > different agencies. Mr Westwood said: "We face here the
> contradictory
> > nature of two public policies.
> > "First is the Data Protection Act which requires the removal of
> information
> > relating to individuals.
> > "Secondly is the retaining of information to protect vulnerable
> > people. "There is no national guidance on this. It is urgently
> > needed." He told journalists he would support any change in
> the law to
> > come from
> the
> > Soham case, and welcomed the inquiry announced by the home
> secretary
> > following Wednesday's murder verdicts. "
> >
> > Given the seriousness of the issues raised by the case, clearly
> > matters
> need
> > resolving by the proper authorities.
> >
> > How does DP determine the weeding criteria for personal data now?
> >
> > It used to be that the users/controllers debated the
> retention period
> > and came to a consensus, based upon as firm a set of facts as
> > possible, about the proper retention for the material in question,
> > then, as determined by the data controller, either
> programatically or
> > manually conducted the weeding. I had also been under the firm
> > impression there were nationally agreed weeding rules for
> many police
> > computing systems.
> >
> > Has this changed, or are different processes to determine retention
> > now in operation?
> >
> > Ian W
> >
> > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> > All archives of messages are stored permanently and are
> > available to the world wide web community at large at
> > http://www.jiscmail.ac.uk/lists/data-protection.html
> > If you wish to leave this list please send the command
> > leave data-protection to [log in to unmask]
> > All user commands can be found at : -
> > http://www.jiscmail.ac.uk/help/commandref.htm
> > (all commands go to [log in to unmask] not the list please)
> > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> >
> > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> > All archives of messages are stored permanently and are
> > available to the world wide web community at large at
> > http://www.jiscmail.ac.uk/lists/data-protection.html
> > If you wish to leave this list please send the command
> > leave data-protection to [log in to unmask]
> > All user commands can be found at : -
> > http://www.jiscmail.ac.uk/help/commandref.htm
> > (all commands go to [log in to unmask] not the list please)
> > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> >
>
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> All archives of messages are stored permanently and are
> available to the world wide web community at large at
> http://www.jiscmail.ac.uk/lists/data-protection.html
> If you wish to leave this list please send the command
> leave data-protection to [log in to unmask]
> All user commands can be found at : -
> http://www.jiscmail.ac.uk/help/commandref.htm
> (all commands go to [log in to unmask] not the list
> please)
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
http://www.jiscmail.ac.uk/help/commandref.htm
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|