On Fri, Jan 16, 2004 at 08:56:21AM -0000, Turner,Tim (Corporate Resources) wrote:
> > Under this new approach, I suspect that most organisations will be able
> > to relax their DPA procedures significantly, and that many of those
> > currently employed in full-time Data Protection roles could be out of
> > a job within a year.
> I don't really follow this line of thinking. The judgement on Durant may
> limit the definition of personal data, but it doesn't obscure the concept
> completely.
Not completely, but substantially.
> There is still plenty of personal data to be protected,
> especially if you're in the public sector where we are being driven
> hard towards a future where more data is stored automatically.
I'm talking more about the private sector. In the public sector, as many
people have noted, there is more of a blurring going on as to what is
DP and what is FOI.
> Organisations might be able to provide less information in response
> to a subject access request, but given current expectations, if we try
> to limit the amount we give out too severely, we'll be challenged and
> harassed.
The OIC are telling people that the data they are entitled are not much
more restricted than pre-Durant. Commerical organisations, who have a
different set of driving forces to the public sector, will undoubtedly
see this as a way of saving money on Data Protection compliance costs.
> And nothing in Durant removes the duty under DP to protect data as
> described in the principles. If we all start to play fast and loose with
> people's data on the basis that Durant means never having to say you're
> sorry, we'll be lynched.
Indeed. But without the scrutiny of individual subjects trying to discover
how their data is being used, only serious breaches will come to light.
Tony
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
http://www.jiscmail.ac.uk/help/commandref.htm
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|