Ian
Thanks for observation re vicarious liability?
Summarised - If an employer sucessfully defends vicarious liability re email
content can they then be considered owner of the email.
Can an employer deny vicarious liability?
Im intrigued as to the question of who owns the email content (both sender
and recipient ends need resolving). There does appear too many conflicting
arguments which cannot be resolved at present. If employers at the sending
end do not own emails can they lawfully monitor emails content?. From the
Human Rights Act position what is definition of 'correspondence'? Is the
destination address part of 'correspondence content'? In a letter that can
be seen by all in the delivery chain?
So many question so little clarity. How can a DPA professional get to
understand all the issues, what is the cost of their training to data
controllers? Isn't clarity what the Commissioner is now saying he wants to
improve in his R4 Today broadcast?. Will we ever get there I wonder. Wheres
the endorsement of professional qualifications for compliance advisors?. Is
the OIC ensuring all their staff obtain a recognised DPA qualification?.
Questions Questions. If anyone has the answers on this list please share. Im
feeling intellectually challenged or it just my age.
David Wyatt
.
----- Original Message -----
From: "Ian Welton" <[log in to unmask]>
To: <[log in to unmask]>
Sent: Thursday, January 15, 2004 10:17 AM
Subject: Re: [data-protection] Employee Emails
> Davidwyatt on Thursday, January 15, 2004 at 12:58 AM said:-
>
> > 3: Employer has vicarious liability for activities of
> > employees so has to have control.
>
> Point of interest - Where the employer documents a denied liability
> (assuming compliance with unfair consumer terms), do they still maintain
> control and hence are allowed access. Or would that abrogation of
> responsibility also deny access for that particular matter?
>
> Ian W
>
> > -----Original Message-----
> > From: This list is for those interested in Data Protection
> > issues [mailto:[log in to unmask]] On Behalf Of davidwyatt
> > Sent: Thursday, January 15, 2004 12:58 AM
> > To: [log in to unmask]
> > Subject: Re: Employee Emails
> >
> >
> > Some bullet point observations which may assist analysis.
> >
> > 1: Information compiled in the employers time an on the
> > employers equipment belongs to the employer.
> >
> > 2: Issues could arise if employer policies permits employees
> > to use their time an equipment for personal use.
> >
> > 3: Employer has vicarious liability for activities of
> > employees so has to have control.
> >
> > 4: Employer inestigatory processes ought to be consistantly
> > applied e.g. the triggers for any investigation should be
> > documented and applied to all employees regardless of level.
> >
> > 5: The DPA use is Staff administration
> >
> > 6: First Principle compliance re notice should be considered
> > at either recruitment or when individuals are granted access
> > to email tools. If no notice then processing is arguably unlawful.
> >
> > 7: Processing condition likely to be legitimate interests
> > (Sch2 Item6) but to assess these the actual data items detail
> > in context required..
> >
> > 8: Retention of email data should have a policy. It could be
> > anything from a short designated period to the duration of
> > the employer contract. Judgement has to be made but it should
> > be consistent for all email users of the data controller employer.
> >
> > 9: Appropriate Security leads you to having controlled
> > investigations. ie have you a designated and trained
> > investigator who understands system weaknesses re integrity
> > of email systems.
> >
> > 10: Im advised by in-house lawyer that Employment contracts
> > are Consumer contracts. Therefore the Unfair Terms in
> > Consumer Contracts Act would apply. This grants powers to the
> > Information Commissioner to challenge any unfair contract
> > terms, ie those which would be in Breach of DPA principles,
> > which an employer may wish to impose on employees. Hence the
> > need to be consistent in the manner data relating to
> > employees are treated.
> >
> > Anyone disagree with any of the above ?
> >
> > David Wyatt
> >
> >
> > ----- Original Message -----
> > From: "Joanna Diamantopoulos" <[log in to unmask]>
> > To: <[log in to unmask]>
> > Sent: Wednesday, January 14, 2004 5:20 PM
> > Subject: [data-protection] Employee Emails
> >
> >
> > > There is probably a easy answer to this one. If an
> > employer suspects
> > > an employee has misused the email system by sending items
> > off that are
> > > directly against internet and email policy that has been
> > signed off by
> > > the employee, can the employer have access to the sent item box to
> > > determine whether there has been misuse and the extent of
> > that misuse
> > > and then use
> > it
> > > as evidence in disciplinary procedures? What is the dp standing on
> > > this?
> > >
> > > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> > > All archives of messages are stored permanently and are
> > > available to the world wide web community at large at
> > > http://www.jiscmail.ac.uk/lists/data-protection.html
> > > If you wish to leave this list please send the command
> > > leave data-protection to [log in to unmask]
> > > All user commands can be found at : -
> > > http://www.jiscmail.ac.uk/help/commandref.htm
> > > (all commands go to [log in to unmask] not the list please)
> > > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> >
> > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> > All archives of messages are stored permanently and are
> > available to the world wide web community at large at
> > http://www.jiscmail.ac.uk/lists/data-protection.html
> > If you wish to leave this list please send the command
> > leave data-protection to [log in to unmask]
> > All user commands can be found at : -
> > http://www.jiscmail.ac.uk/help/commandref.htm
> > (all commands go to [log in to unmask] not the list
> > please)
> > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> >
>
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> All archives of messages are stored permanently and are
> available to the world wide web community at large at
> http://www.jiscmail.ac.uk/lists/data-protection.html
> If you wish to leave this list please send the command
> leave data-protection to [log in to unmask]
> All user commands can be found at : -
> http://www.jiscmail.ac.uk/help/commandref.htm
> (all commands go to [log in to unmask] not the list please)
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
http://www.jiscmail.ac.uk/help/commandref.htm
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|