At least you have had consistent advice twice. I have lost count of the
number of times I phoned to clarify some advice given, only to be told
something else. I rarely contact the ICO now, I find places such as this
forum more stimulating and relevant, and I find that I can take the views
given and develop a view that I believe to be correct - and check it with
legal teams after of course!
Simon Howarth.
-----Original Message-----
From: This list is for those interested in Data Protection issues
[mailto:[log in to unmask]] On Behalf Of Arthur Howell
Sent: 10 August 2004 12:09
To: [log in to unmask]
Subject: [data-protection] Non Disclosures to Data Subjects - not advising
them
This may be of interest.
The original question to the IC Office was:-
I recently telephoned to get clarification on whether we should advise the
Data Subject that we are not disclosing certain confidential information, I
was advised that we need not inform the Data Subject, I am somewhat
disturbed by this advice.
If the information pertains to an investigation (crime and taxation ,
distress may be caused etc) and there is an exemption and we need not
advise, then there is no issue however, if it is a duty to confidentiality
only I believe the Data Subject has a right to be informed that we are not
disclosing for that reason (they can then challenge that decision through
the courts etc).
If we do not inform the Data Subject that we are withholding information
then this goes against the very reason for the Act in that he/she has a
right to know whether we hold information and if so a copy unless we cannot
disclose (Fairly and Lawfully?).
I would like a definitive statement as to whether we should always advise
the Data Subject that we are not disclosing unless an exemption applies.
of the Act.
The reply from the IC Office is:-
________________________________________________________________
I can confirm that the information provided to you by the Helpline is
correct. When responding to a subject access request, the data controller is
required to do various things however there is no requirement that the
individual concerned be told of any exemptions that have been applied or
about information that has been withheld.
The Act merely requires that data controllers supply individuals with access
(usually copies) of all that personal data that the Act requires to be
provided in response to the request.
There is no legal requirement to advise individuals if or why any
information has not been supplied in response to a subject access request
however there is also no bar on this being provided on a voluntary basis -
this is entirely up to the data controller to decide.
As you say there are circumstances (eg s29) where it may not be sensible to
provide such information. Ultimately it is for the data controller to take a
view on this voluntary action.
______________________________________________________________
My faith in the DP Act is diminishing.
Arthur
Bath & North East Somerset Council
**********************************************************************
The views and comments expressed in this email are confidential to the
recipients and should not be passed on to others without permission. This
email message does not necessarily express the views of Bath & North East
Somerset Council and should be considered personal unless there is a
specific statement to the contrary.
This footnote also confirms that this email message has been checked for all
known viruses by the MessageLabs Virus Scanning Service.
Making Bath & North East Somerset a better place to Live, Work and Visit.
**********************************************************************
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
http://www.jiscmail.ac.uk/help/commandref.htm
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
http://www.jiscmail.ac.uk/help/commandref.htm
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|