Data - from the dictionary
Originally, data was used solely as the plural of datum, but it has
increasingly come to be used as a singular, in such constructions as
'the data is', 'this data', 'much data', 'two items of data'.
Nic
-----Original Message-----
From: davidwyatt [mailto:[log in to unmask]]
Sent: 16 June 2004 00:04
To: [log in to unmask]
Subject: Re: Email address is personal data?
OK Charles Im bored again
I don't dispute an email address should be unique thats an IT system
perspective. However human error shows this is not always true.
However giving the drafting of the Act a single item of information on
its
own cannot be personal data (data being plural) so arguing an email
address
is personal data is false. Even a 'name' on its own is not personal data
but
simply a datum. How can a name be proved unique?
Moving swiftly on to the element of the definition 'data which may come
into
the possession of the data controller'. If your data is not uniquely
identifiable in the first place how can you be sure you have a correct
match
with third party data sources even if you can lawfully have access their
data. e.g J Smith = J Smith or email address = email address? I
accept
that many matching processes are more sophisticated than this but many
also
have errors in assumption. The risks from data mismatch and sharing were
drivers for granting individuals legislative rights in respect personal
data
processing transparency and access.(But balancing the access right via
drafting with a discretion given to judges to overule access rights aka
Durant)
Then theres a question of lawful disclosures to allow data to be shared.
Leaving aside criminal investigations or stautory obligation, is the
lawful
means of obtaining personal data from sources other than the data
subject as
common as we may believe. Im not aware of any controller who has advised
me
when collecting data from me it will disclose to anyone who asks.
Certainly
not my ISP who manages my subscriber details and can connect such data
with
my email addresses.
All the above are technical arguments but are possible as avenues of
exploration in disputes.
In practice however DPA compliance boils down to simply a risk
assessment
exercise by each controller.
Can I have a subject access by email now? ;-) ZZZZZZZZZzzzzzzzzzzzzzzz
sleep.
David Wyatt
----- Original Message -----
From: "Charles Christacopoulos" <[log in to unmask]>
To: <[log in to unmask]>
Sent: Tuesday, June 08, 2004 1:31 PM
Subject: Re: [data-protection] Email address is personal data?
** Reply to note from Tony Bowden <[log in to unmask]> Tue, 8 Jun 2004
13:12:26 +0100
> > "[log in to unmask]" is sufficient to identify me
whereas
> > "enquiries@.." is not.
>
> What if multiple people in the same company have the same name?
I think David Wyatt was bored last night
The email address will be still unique. So if you have a J(ohn) Smith
who
is at
marketing and a J(oanne) Smith at manufacturing the email system will
have
to be
able to separate them. In our case we add extra initials, others may
use
subdomains etc.
Unless one of the very basics of the act has fallen on its head, ie.
that
personal
data are any information which can be used to identify a living
individual
which
and which is in the posession or may come in the posession of the data
controller.
So even if one does not know who [log in to unmask] is ... if together with
other information it can be used to identify a living individual then it
is
personal
data.
My point is that in most instances an email address will be personal
data
EVEN if
it does not show a person's actual name on it.
The exception to the rule would be the so called generic addresses, eg.
[log in to unmask] which could be answer by a team of people ... and if the
responses do not include the sales person personal details.
Charles
--
Charles Christacopoulos, Management Information Officer,
Planning & Information, University of Dundee, Dundee, DD1 4HN,
Scotland, United Kingdom. Tel: 44(0)1382-344891. Fax: 44(0)1382-348845.
http://www.somis.dundee.ac.uk/ ::egothor http://www.egothor.org/
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
http://www.jiscmail.ac.uk/help/commandref.htm
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
http://www.jiscmail.ac.uk/help/commandref.htm
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
http://www.jiscmail.ac.uk/help/commandref.htm
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|