Roland, I Agree. The response from these product providers' lawyers (those
I've spoken with) is the same - that the continued retention is "necessary"
from the perspective of there being no other practical solution if you want
a forensically sound facilityand to ensure that you meet other regulatory
requirements. This is where I'm not convinced yet about these systems. I
think the argument would run that if you tell everyone concerned that you
are keeping all emails and why, does that not cover you for principles 1,2
and 5?
The other perspective, not that I'm saying I advocate this thought
process(!), is if you are balancing the possibility of a £1million fine
from the Financial Services Authority/Securities and Exchange Commission
against a £5000 fine from the magistrates court, which way do you want to
jump?
Chris
Roland Perry <[log in to unmask]>@JISCMAIL.AC.UK> on
05/11/2004 07:26:23
Please respond to Roland Perry <[log in to unmask]>
Sent by: This list is for those interested in Data Protection issues
<[log in to unmask]>
To: [log in to unmask]
Subject: Re: [data-protection] e-mail storage systems case law
In message <003201c4c2cc$29e49660$0500a8c0@DAD1>, at 00:12:39 on Fri, 5
Nov 2004, davidwyatt <[log in to unmask]> writes
>There are however many 'retention' obligations in existence ie Company
>incorporation records, appointment of officers (personal data) as one
>example. It does also however depends on how 'emails' are used as part of
>records management. Emails content can form part of many contracts ie
>between employer and employee or customer and financial services supplier
>(whose products are information based).
>
>If your organisation uses email and is subject to any such retention
>obligations then appropriate tools to secure and retrieve the information
>are required not because of DPA but because of the other obligations.
>However as we know once any personal data is created or held in the email
>management systems then DPA starts to bite.
The issue that's very much a "live one" with respect to Data Retention
of Communications Data is whether or not you can say that because you
are legally obliged to retain *some* of the data, it's OK to retain
*all* of the data (because it's "too hard" to weed out one set from the
other when the normal business purpose expires on the majority).
--
Roland Perry
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
http://www.jiscmail.ac.uk/help/commandref.htm
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
http://www.rac.co.uk
http://www.racbusiness.co.uk
http://www.bsm.co.uk
Any opinions expressed in this e-mail are those of the individual and not necessarily the company. This e-mail and any attachments are confidential to RAC and/or BSM and are solely for use by the intended recipient.
If you are not the intended recipient you must not disclose, copy or distribute its contents to any other person nor use its contents in any way.
If you have received this e-mail in error please forward a copy of this e-mail to "[log in to unmask]".
RAC Motoring Services: Registered England 1424399
VAT Reg No. GB 238640945
British School of Motoring: Registered England 291902
VAT Reg No. GB 239505847
Registered Office(s): 1 Forest Road, Feltham, TW 13 7RR
This e-mail and any attachments has been scanned for the presence of computer viruses. RAC/BSM accept no responsibility for computer viruses once this e-mail has been transmitted.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
http://www.jiscmail.ac.uk/help/commandref.htm
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|