The issue is, I think, not "protecting committee members after the event",
but in the response to the SAR. We need to separate the two items:
A) A committee member has allegedly "done a wrong thing"
B) The detailed notes of the committee as they relate to the data subject
have been requested by an SAR
I think we have to dispose of item (A) immediately. The committee has a
duty to act responsibly and fairly in all its doings. They are paid or
co-opted or volunteer to act impartially and in the best interests of the
organisation. If a committee member has "done a wrong thing" then the
existing formal procedures to investigate that and correct it must be
followed.
It is item (B) that we need to concern ourselves with. Were this to be
anything other than an interview panel or a promotion board my instincts
would say that redacting (wheee, I just learnt that term! Now I will have
to use it wherever possible) the notes would be appropriate. But the
committee is a formally constituted body that met for the sole and
attributable purpose of promoting candidates. While one might argue that
individual members would have wished to be told about the potential for an
SAR after the event, such a notification was not legally necessary. We have
to be concerned about the law rather than about fairness.
A valid approach might be to *offer* redacted proceedings to the data
subject in the expectation that this fulfils their need for information, but
I feel you have to be prepared to pass or show full copies if the data
subject demands it. It is highly likely that the data subject will be
making some form of formal complaint after receiving the data. You do not
wish to be another party complained of here. The committee must stand or
fall by its own actions. The DPO role is to act for the organisation, not
for the committee, and to protect the rights of the data subject.
I do agree it is a challenge because the committee members are also data
subjects and have rights, but I believe that the accountable nature of the
committee would be seen by "the man on the London Underground" (the new
"reasonable man") to be something that opens committee members to
inspection.
Tim Trent - Consultant
Direct: +44(0)1344 392644 Mobile:+44(0)7710 126618
email: [log in to unmask]
Marketing Improvement Limited, Abbey House, Grenville Place, Bracknell,
United Kingdom, RG12 1BP
http://www.marketingimprovement.com
This message is for the intended addressee's use only. It may contain
confidential, proprietary or legally privileged information. No
confidentiality or privilege is waived or lost by any mis-transmission. If
you receive this message in error, please immediately delete it and all
copies of it from your system, destroy any hard copies of it and notify the
sender. You must not, directly or indirectly, use, disclose, distribute,
print, or copy any part of this message if you are not the intended
recipient. Any views expressed in this message are those of the individual
sender, except where the message states otherwise and the sender is
authorised to state them to be the views of any such entity.
-----Original Message-----
From: This list is for those interested in Data Protection issues
[mailto:[log in to unmask]] On Behalf Of Roland Perry
Sent: Monday, October 18, 2004 2:07 PM
To: [log in to unmask]
Subject: Re: [data-protection] Consent
In message <[log in to unmask]>, at 13:07:40 on Mon, 18 Oct 2004,
Gwenan Owen <[log in to unmask]> writes
>As part of our promotions committee procedures members of the committee
>are given sheets where they "rank" individuals, having read through the
>individuals' submissions and any references. The promotions committee
>members were not told in 2004 that their comments might be made
>available to the individual concerned (something we are going to change
>for the 2005 round).
If the fear is reprisals against the committee members, would it be possible
to supply the ranking data without correlating with the committee members;
retyping if necessary?
--
Roland Perry
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
http://www.jiscmail.ac.uk/help/commandref.htm
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
http://www.jiscmail.ac.uk/help/commandref.htm
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|