The definition of what constitutes a third party is plain enough:
"2.8 Third Party Definition (s70 (1)) "Third party, in relation to
personal data, means any person other than - *
*
*
the data subject, the data controller, or any data processor or other
person authorised to process data for the data controller or processor."
The expression third party does not include employees or agents of the
data controller or data processor, which persons are for the purpose of
this expression to be interpreted as being part of the data controller
or processor. As such, this expression is distinguishable from
"recipient", which effectively separates employees/agents of the data
controller/processor from the data controller/processor itself." (OIC
Legal Guidance)
However, to apply a strict legal definition and pretend it to be a
considered judgement is a mistake. There are circumstances in which NOT
seeking consent would be inappropriate. I wouldn't allow the definition
to stop me seeking consent if I thought the case required it or for that
matter making the judgement to redact if consent could not be obtained.
Best,
Gerry
Mr.G.Dane
University of Newcastle
Newcastle upon Tyne
NE1 7RU
Email: [log in to unmask]
-------------------------------------------
The views expressed in this message are those of the
sender and not necessarily those of the University.
>-----Original Message-----
>From: Tony Bowden [mailto:[log in to unmask]]
>Sent: 02 February 2004 13:28
>To: [log in to unmask]
>Subject: Re: [data-protection] Redacted Information
>
>
>On Mon, Feb 02, 2004 at 01:23:12PM +0000, Rob Dawson wrote:
>> In completing an SAR that will give details of third parties
>(eg other
>> employees) you do not have to give their details unless the third
>> party has consented. You could find that disclosing a third party
>> name without consent may cause distress.
>
>A member of staff acting in connection with their employment
>is not a Third Party.
>
>Tony
>
>^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> All archives of messages are stored permanently and are
> available to the world wide web community at large at
> http://www.jiscmail.ac.uk/lists/data-protection.html
> If you wish to leave this list please send the command
> leave data-protection to [log in to unmask]
> All user commands can be found at : -
> http://www.jiscmail.ac.uk/help/commandref.htm
> (all commands go to [log in to unmask] not the list
>please) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
http://www.jiscmail.ac.uk/help/commandref.htm
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|