> Paul Ticher on Friday, January 16, 2004 at 11:52 AM quoted Tony Bowden and
also said:-

> "it seems likely that in light of the Durant Ruling the 
> purpose of section 7 of the DPA 1998 is to enable an 
> individual to check whether a data controller's processing of 
> his persona data unlawfully infringes his privacy."
> 
> Not being a lawyer, I don't see how that interpretation 
> squares with the lack of any statement in the Act restricting 
> the purpose in such a way.

Being interested in privacy, but having avoided the broader context directly
in that particular matter - the above statement could be interpreted as a
broader interpretation of section 7 - from access to personal information -
to access pertaining to unlawful infringement of privacy.

Whose (or which) definition of privacy is to be used in determining what
access is required to enable the identification of unlawful infringement?
What constitues unlawful infringement? I suppose to some extent it will
depend on how different individuals understand that statement.  

Will the different definitions pertinent within the different sectors/social
groups be used, what happens when different definitions exist on both sides
of the debate?

N.B. if group members have definitions of privacy I would be interested in
them.

Ian W


> -----Original Message-----
> From: This list is for those interested in Data Protection 
> issues [mailto:[log in to unmask]] On Behalf Of 
> Paul Ticher
> Sent: Friday, January 16, 2004 11:52 AM
> To: [log in to unmask]
> Subject: Re: OIC and Durant
> 
> 
> Tony Bowden quoted the Commissioner in part as saying:
> 
> "it seems likely that in light of the Durant Ruling the 
> purpose of section 7 of the DPA 1998 is to enable an 
> individual to check whether a data controller's processing of 
> his persona data unlawfully infringes his privacy."
> 
> Not being a lawyer, I don't see how that interpretation 
> squares with the lack of any statement in the Act restricting 
> the purpose in such a way.
> 
> It also worries me considerably.  It's not just infringement 
> of privacy we should be concerned about but also inaccuracy, 
> inadequacy, irrelevance, excess data, retention longer than 
> necessary etc.  Some breaches of Principles can be deduced 
> without a Subject Access Request (use for non-specified 
> purposes, for example), but for Principles 3, 4 and 
> potentially 5 a SAR is the Data Subject's main method of 
> obtaining proof. Why would the Act provide powers for the 
> courts to order rectification if there was no means of 
> proving that the information is wrong in some way?
> 
> Also, I wouldn't drop the term Data Subject too readily.  
> Obviously we should all talk about people and individuals in 
> preference, but occasionally it pays to be precise.  People 
> don't have the right to see all the information held about 
> them; Data Subjects have the right to see all the Personal 
> Data held about them (with some exceptions).  If we lose 
> sight of the difference we will end up with more confusion, not less.
> 
> Paul Ticher
> 0116 273 8191
> 22 Stoughton Drive North, Leicester LE5 5UB
> 
> I hereby require any recipient of this message not to use my 
> personal data for direct marketing purposes.
> 

^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
       All archives of messages are stored permanently and are
      available to the world wide web community at large at
      http://www.jiscmail.ac.uk/lists/data-protection.html
      If you wish to leave this list please send the command
       leave data-protection to [log in to unmask]
            All user commands can be found at : -
        http://www.jiscmail.ac.uk/help/commandref.htm
  (all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^