There are two streams of thought happening here, I think
1) Any business may alter its terms of trading, which must surely include
its privacy policy, at any time, and with whatever notice it deems
appropriate
2) When terms of trading are changed customers may feel at a disadvantage
The issue is whether a change may be retrospective, though. I submit that
it may not be if it is to the disadvantage of other parties.
For example prior to 11 December we had a privacy policy which allowed for
pre 2002/58/EC methods of working. On the day we altered our policy to meet
the new SI. We imposed on *ourselves* a tighter regime, and acted
retrospectively on any data that had not given consent to be marketed to by
not marketing to it electronically.
The true issue is rogues who alter a privacy policy (which is a contract) in
their favour and then proceed to spam the bejasus out of their database.
May they rot in SPEWS blacklists for ever ;)
Tim Trent - Consultant
Direct: +44(0)1344 392644 Mobile:+44(0)7710 126618
email: [log in to unmask]
Marketing Improvement Limited, Abbey House, Grenville Place, Bracknell,
United Kingdom, RG12 1BP
http://www.marketingimprovement.com
This message is for the intended addressee's use only. It may contain
confidential, proprietary or legally privileged information. No
confidentiality or privilege is waived or lost by any mis-transmission. If
you receive this message in error, please immediately delete it and all
copies of it from your system, destroy any hard copies of it and notify the
sender. You must not, directly or indirectly, use, disclose, distribute,
print, or copy any part of this message if you are not the intended
recipient. Any views expressed in this message are those of the individual
sender, except where the message states otherwise and the sender is
authorised to state them to be the views of any such entity.
-----Original Message-----
From: This list is for those interested in Data Protection issues
[mailto:[log in to unmask]] On Behalf Of Duncan Smith
Sent: Tuesday, July 20, 2004 11:09 AM
To: [log in to unmask]
Subject: [data-protection] Privacy Policy changes
The text below is indicative of many www sites we are asked to review, and
the question remains unanswered as to whether this is legal (acceptable)
practice. The number of times we see it occurring versus the number of
prosecutions might suggest that it is acceptable practice!
" we may amend this policy from time to time, at our discretion. If we make
any substantial changes in the way we use your personal information we will
notify you by posting the changes here on these Privacy Policy pages. If you
have more questions or comments, please send your feedback ..."
The obvious conflict is in the 'assumption of consent without response' - If
the data controller were to make any 'substantial changes', surely this
would require consent i.e. a positive action on behalf of the data subject?
I have noticed my bank doing similar things (via post) with changes to terms
and conditions (usually related to transfers outside of the EEA).
Any views?
Duncan Smith
Managing Director
iCompli Limited Northampton UK
t: 08707 70 48 66 f: 08707 70 48 69 m: 07775 56 81 80
Mailto:[log in to unmask] Web: www.icompli.co.uk
<http://www.icompli.co.uk/>
"Compliance in your language"
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
http://www.jiscmail.ac.uk/help/commandref.htm
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
http://www.jiscmail.ac.uk/help/commandref.htm
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|