However, surely post-FOI 2005, as a public authority a University would be
obliged to consider some of these manual filing systems as unstructured
personal data, and thus, they'll be accessible. So it's only wrong for 11
months.
Tim Turner
Data Protection Officer
Wigan Council
> ----------
> From: Pounder Chris[SMTP:[log in to unmask]]
> Reply To: Pounder Chris
> Sent: 06 February 2004 10:30
> To: [log in to unmask]
> Subject: Re: [data-protection] Guardian article
>
> Obviously wrong. Post Durant many manual filing systems of personal
> details are not personal data. In the era of political correctness we must
> advise Warwick students to "reperson the barracades" or "burn their D-cups
> and lunchbox holders" in protest
>
> C
>
> -----Original Message-----
> From: This list is for those interested in Data Protection issues
> [mailto:[log in to unmask]] On Behalf Of Matthew Nunn
> Sent: 06 February 2004 09:52
> To: [log in to unmask]
> Subject: Guardian article
>
>
> To see this story with its related links on the EducationGuardian.co.uk
> site, go to http://education.guardian.co.uk
>
> The devil's in the detail
> The Data Protection Act is surely a good thing, but it was not designed
> with universities in mind. John Sutherland finds that using academic
> information raises difficult questions John Sutherland Thursday February
> 05 2004 The Guardian
>
>
> The wheel has come full circle. Thirty-five years ago an intrepid commando
> of student rebels "occupied" the central offices of Warwick University.
>
> Rifling the filing cabinets they discovered what awful things the
> pinstriped gerontocrats were saying about them. The cry went up: "No
> secret files!"
>
> When the Data Protection Act (DPA) came into force on March 1 2000 that
> mission was accomplished. Notionally at least, British universities now
> operate in a utopian condition of full bureaucratic openness and candour.
>
> Happy days. The secret file was, it would seem, a thing of the past.
>
> The University of Exeter (a singularly well run institution) circulates a
> leaflet - Data Protection: What's it all About? - to new members of
> staff. The assumption, perhaps optimistic, is that older hands need no
> instruction on the topic.
>
> Exeter's leaflet is written in chatty sub-legal style. It outlines the
> eight main principles of the DPA and has a "let's get down to brass tacks"
> panel of FAQs.
>
> Despite the reassuring tone ("It helps not to think of data protection
> (DP) as a nasty legal trap") there remain a number of niggling anxieties
> for the thoughtful academic.
>
> Take, for example, the fifth DP principle: "Personal data processed for
> any purpose or purposes shall not be kept for longer than is necessary".
> Necessary, one deduces, implies "for the original purpose for which it
> was gathered".
>
> The Soham case revealed the dangers of file purging as Huntley's hidden
> apprenticeship in pederastic rape and murder emerged. There are less
> appalling, but nonetheless worrying, consequences of the "clean slate"
> principle for universities.
>
> My institution, UCL, has a remarkably full college archive going back to
> the institution's origins in the reform movement of the 1820s. Before
> taking up my chair I went back and looked at the files of my predecessors.
>
>
> Their personal dossiers, and the comments on the unlucky candidates for
> the post, were breathtakingly frank: "dull", "lacking in initiative",
> "second rate", "brilliant but unstable". There were also details of
> personal background, which it would now, I think, be criminal either to
> inquire about or to store beyond immediate usefulness.
>
>
>
> Does archival relevance come under the rubric of "necessary keeping"? I
> suspect not. Librarians, particularly those curating historical
> documents, will have to adjust their parameters.
>
> The effects of the DPA are visible in university corridors and public
> places insofar as it is now against the law to post examination results by
> name. No longer will a student see a notice proclaiming they have a first.
> It is a moot point as to whether even prizewinners' names can be
> publicised, or "divulged".
>
> Just as it was once impossible to find out what John Major's O-level
> results were, it will be difficult to uncover what class of degree a prime
> minister achieved if he or she graduated after 2001. Will employers be
> able to check that CVs are correct?
>
> This is another awkward thought arising from the Huntley case: what is the
> point of a background check when the background is legally sealed or
> legally erased? Will the DPA turn out to be a liars' charter? It probably
> will.
>
> The most perplexing aspects of the DPA are those which affect the
> exchange, release and confidentiality of information. As always, hard
> cases will test the new Act.
>
> My department rejects around a dozen applicants for every one it accepts.
> Will those rejected be able to argue the toss in future, on the basis of
> the interviewers' notes? I think they will. One foresees hassle. And,
> possibly, some justice at the end of it all.
>
> The act draws a clear-cut line between personal data and sensitive data.
> Literary studies (Is Orwell a radical socialist or an embryonic Neo-Con?
> Discuss) tend to blur those lines.
>
>
> One must, in future, be careful in choosing one's words when recording
> comments on a student's performance; one must be careful of those points
> where personal conviction blends into critical judgement.
>
> Every student, by legal right, can make a subject access request via the
> DP office. It costs £10 - a fee designed less to generate revenue than to
> inhibit frivolous or nuisance applications.
>
>
> If comments are negative ("this student has been lazy, inattentive, and -
> frankly - dishonest about the amount of work he has done"), then would
> they be actionable, or legally contestable?
>
>
> They probably would. Of course, it is probable that few teachers will be
> foolish enough to consign "frank" criticism to paper or any other storage
> device. That, too, may be a good thing.
>
> How free is one to circulate data? This seems very tricky. My department,
> for example, has a students' progress system in which information about
> students is exchanged between leaders of different seminars. If consigned
> to paper, such information would, I think, be dubiously legal. Internal
> data transfer is a potential minefield. What is "internal"?
>
> The data transfer issue has further ramifications. Parents and guardians
> are, in the future, going to pay much more for the university education of
> their offspring. How long, one wonders, before - as in America - a second
> mortgage is needed to put a child through college. (What is the "package"
> at Harvard, $40,000 a year?)
>
> And there is one thing about which the DPA is crystal clear. As the Exeter
> FAQ puts it:
>
> "Can we disclose information about a student to their relatives, and
> guardians and to sponsors?" "No."
>
> Can one give progress reports, then, to a grant-awarding ("sponsoring")
> body, such as the British Academy? If so, how are parents, bleeding
> themselves dry to put their child through university, different from the
> BA? Is the school report to parents now a thing of the past, assuming the
> pupil is 18 or over?
>
> Much time, for the serving academic, is demanded by the "reference".
> Increasingly, however, references are pointless. Why? Because they are so
> bland. Why? Because referees are so careful about the consequences of what
> they might say. As in the bad old days of the 1960s and the open reference
> ("No secret letters!") one typically gets off-the-record phone calls:
> "Tell me, what is this person really like?"
>
> It is hard for liberal institutions such as universities not to welcome a
> liberal measure such as the DPA. Freedom of information is a good thing.
>
> But the shoe fits awkwardly. It is clear that the framers of the Act were
> thinking principally of data banks and the gathering of information about
> citizens by financial institutions, credit-rating agencies, police,
> employers, government departments - even supermarkets. Typically such
> information is, in itself, as neutral as the term "data" suggests.
>
> It is different for universities. They are typically in a critical or
> judgmental relationship to their student populations.
>
> When one writes a progress report it is not data, it is opinion. It is
> not: "Where was he on February 2?" It is, rather: "I don't think he is
> getting the hang of it, and I seriously doubt he will in time for the
> examination." The DPA is, I think, weak on opinion.
>
> Well, whether or not the shoe fits we will have to wear it. Even if it
> means cutting off a toe or two. And I would advise getting hold of the
> Exeter leaflet: it deserves this year's Booker Prize for bumf.
>
> Copyright Guardian Newspapers Limited
>
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> All archives of messages are stored permanently and are
> available to the world wide web community at large at
> http://www.jiscmail.ac.uk/lists/data-protection.html
> If you wish to leave this list please send the command
> leave data-protection to [log in to unmask]
> All user commands can be found at : -
> http://www.jiscmail.ac.uk/help/commandref.htm
> (all commands go to [log in to unmask] not the list please)
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>
> __________________________________________________________________________
> __________________________
> This e-mail has been scanned for all viruses by Star Internet using
> MessageLabs SkyScan services. For more information visit: www.star.net.uk.
> __________________________________________________________________________
> ____________________________
>
>
> ______________________________E-mail confidentiality
> __________________________________ This message is intended for the
> addressee only. It is private, confidential and may be covered by legal
> professional privilege or other legal or attorney/client privilege. If you
> have received this message in error, please notify us and remove it from
> your system. If you require assistance, please contact our London office
> (telephone +44 (0) 20 7490 4000). Masons is an international law firm with
> offices in London, Bristol, Edinburgh, Glasgow, Leeds, Manchester,
> Brussels, Dublin, Hong Kong, Shanghai and Singapore. Further information
> about the firm and a list of partners is available for inspection at 30
> Aylesbury Street, London EC1R OER or from our Web site at www.masons.com
>
> This e-mail has been scanned for all viruses by Star Internet using
> MessageLabs SkyScan services. For more information visit: www.star.net.uk.
> __________________________________________________________________________
> _______________
>
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> All archives of messages are stored permanently and are
> available to the world wide web community at large at
> http://www.jiscmail.ac.uk/lists/data-protection.html
> If you wish to leave this list please send the command
> leave data-protection to [log in to unmask]
> All user commands can be found at : -
> http://www.jiscmail.ac.uk/help/commandref.htm
> (all commands go to [log in to unmask] not the list please)
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>
**********************************************************************
This email and any files transmitted with it are confidential and
intended solely for the use of the individual or entity to whom they
are addressed. If you have received this email in error please notify
the system manager.
This footnote also confirms that this email message has been swept by
MIMEsweeper for the presence of computer viruses using Sophos
anti-virus software.
www.mimesweeper.com
www.sophos.com
**********************************************************************
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
http://www.jiscmail.ac.uk/help/commandref.htm
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|