Antoinette,
My first thought would be that you'd have to apply the local (higher)
standards but then having signed up to the EU Poland is not supposed to do
anything which could be construed as a barrier to trade. So if the
additional requirements/restrictions of Polish law amount to protectionism
then someone is bound to challenge it.
Jo
----- Original Message -----
From: Antoinette Carter <[log in to unmask]>
To: <[log in to unmask]>
Sent: Tuesday, November 30, 2004 4:41 PM
Subject: [data-protection] Poland DPA
I have been contacted by our office in Poland, who were one of the ten
countries to join the EU this year. The Polish DPA appears to set much
higher standards with regard to system user access/security than we do
in the UK. For example, they insist that users' passwords are changed
at least every 30 days. Our corporate policy is to apply the UK DPA
globally unless local legislation is stronger, which appears to be the
case here. But on reading the text of the Polish Act, Article 4 reads
"The provisions of the Act shall apply, save where otherwise provided
for by any international agreement to which the Republic of Poland is
party." Would you construe from this that signing up to the EU is just
such an international agreement, and that it is sufficient for us (as
registered data controllers in the UK) to continue to apply the UK
standards rather than the Polish. Any thoughts would be much
appreciated....
Antoinette Carter
Data Protection Officer
Tel: 0207 389 4970
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
http://www.jiscmail.ac.uk/help/commandref.htm
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
http://www.jiscmail.ac.uk/help/commandref.htm
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|