***** This email was sent via the INTERNET *****
I don;t think anyone is but reasonableness comes into the equation. I have avery good relationship with the ICO who have more than their fair share of work to contend with and not enough money to do so and therefore issues such as this may not take top priority but someone selling databases left right and centre may be dealt with more severely (if it can be proved).
D
-----Original Message-----
From: Atkinson, C. [SMTP:[log in to unmask]]
Sent: 05 October 2004 16:28
To: [log in to unmask]
Subject: Re: [Maybe Spam] Re: [data-protection] Third party response conse nt. Was - RE: SAR and compliance calendar days
***** This email was received from the INTERNET *****
Are you suggesting that it is OK for a data controller to breach the DP Act on the grounds that there is little likelihood of getting caught?
-----------------------------------------------------------------------
Colin Atkinson
Data Protection Officer
University of Leicester
-----Original Message-----
From: This list is for those interested in Data Protection issues
[mailto:[log in to unmask]]On Behalf Of Tim Trent
Sent: 05 October 2004 13:56
To: [log in to unmask]
Subject: Re: [Maybe Spam] Re: [data-protection] Third party response
conse nt. Was - RE: SAR and compliance calendar days
No-one can disagree with that at all. It is a statutory limit. The point I
think people are making (I know I am) is that it takes a complaint to invoke
TICO. Thus, if 40 days is for any reason unhittable a decent, open and
frank explanation is likely to stop the potential complaint from happening.
Unless, of course, it is a "wilful and malicious SAR" in the first place.
Tim Trent - Consultant
Direct: +44(0)1344 392644 Mobile:+44(0)7710 126618
email: [log in to unmask]
Marketing Improvement Limited, Abbey House, Grenville Place, Bracknell,
United Kingdom, RG12 1BP
http://www.marketingimprovement.com
This message is for the intended addressee's use only. It may contain
confidential, proprietary or legally privileged information. No
confidentiality or privilege is waived or lost by any mis-transmission. If
you receive this message in error, please immediately delete it and all
copies of it from your system, destroy any hard copies of it and notify the
sender. You must not, directly or indirectly, use, disclose, distribute,
print, or copy any part of this message if you are not the intended
recipient. Any views expressed in this message are those of the individual
sender, except where the message states otherwise and the sender is
authorised to state them to be the views of any such entity.
-----Original Message-----
From: This list is for those interested in Data Protection issues
[mailto:[log in to unmask]] On Behalf Of Atkinson, C.
Sent: Tuesday, October 05, 2004 1:38 PM
To: [log in to unmask]
Subject: Re: [data-protection] [Maybe Spam] Re: [data-protection] Third
party response conse nt. Was - RE: SAR and compliance calendar days
You may wish to review your procedures. Whilst the ICO is quite
understanding of the position, the 40 day limit is unconditional. The
advice I was given by the ICO was that 'there are no circumstances which may
be quoted in mitigation for any Subject Access Request to go beyond the
forty days allowed for satisfaction'.
Colin Atkinson
Data Protection Officer
University of Leicester
-----Original Message-----
From: This list is for those interested in Data Protection issues
[mailto:[log in to unmask]]On Behalf Of Broom, Doreen
Sent: 05 October 2004 10:26
To: [log in to unmask]
Subject: Re: [Maybe Spam] Re: [data-protection] Third party response conse
nt. Was - RE: SAR and compliance calendar days
***** This email was sent via the INTERNET *****
Exactly what we do Brenda - common-sense. Nobody is going to go berserk
even the ICO if you have a reasonable explanation. I have one at the moment
which goes back to an agreement 30 years ago and we are having difficulty in
locating information but we are keeping the individual aware of the
situation and they are very understandable.
Doreen
-----Original Message-----
From: Scourfield, Brenda
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
http://www.jiscmail.ac.uk/help/commandref.htm
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|