I don't want to characterise their behaviour unfairly, because I have no
special insight into what's going on there at the moment. But in my view,
these are difficult times for the OIC. The combined weight of the negative
media stories before Christmas (Soham / British Gas), and the Durant
judgement have altered the landscape considerably. Did the Commissioner's
office expect Durant to go this way? I don't know - I've spoken to two IC
staff who said that they were very surprised. What the rest, including the
Legal Department, expected is a question for them. All I know is that I've
asked them about several things since the start of the year, and each time,
my pragmatic approach has been endorsed in a way that I wouldn't have
expected a year ago.
Right now, the office gives the impression of being on the back foot. The
old caution that sometimes seemed to allow requesters to get away with
murder seems to have been replaced by a new caution, unwilling to tell Data
Controllers to do anything too strenuous. We live in very interesting
times.....
Tim Turner
Data Protection Officer
Wigan Council
> ----------
> From: Tony Bowden[SMTP:[log in to unmask]]
> Reply To: Tony Bowden
> Sent: 16 February 2004 11:16
> To: [log in to unmask]
> Subject: [data-protection] No Longer Than Is Necessary?
>
> Another strange thing from the OIC:
>
> I complained that a company was claiming to hold my data "indefinitely",
> even when much of it was explicitly marked as unused, related to past
> offers, or for historic or obsolete systems or purposes.
>
> The OIC responded:
>
> "As regards the period of time for which your data have been kept
> by the
> data controller, I should mention that we are not in a position to
> determine what is longer than necessary for each industry sector.
> It is
> likely that there are many determining factors such as legal
> requirements as well as legitimate business practices e.g. bill
> queries
> etc. that will influence the decision on the period of time for
> the
> retention of such records. I would advise you to take this issue
> up with
> the data controller"
>
> This seems very strange to me. This is one of the central principles of
> Data Protection, and the OIC are stating that they are not in a position
> to tell whether or not it is adhered to!
>
> Tony
>
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> All archives of messages are stored permanently and are
> available to the world wide web community at large at
> http://www.jiscmail.ac.uk/lists/data-protection.html
> If you wish to leave this list please send the command
> leave data-protection to [log in to unmask]
> All user commands can be found at : -
> http://www.jiscmail.ac.uk/help/commandref.htm
> (all commands go to [log in to unmask] not the list please)
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>
**********************************************************************
This email and any files transmitted with it are confidential and
intended solely for the use of the individual or entity to whom they
are addressed. If you have received this email in error please notify
the system manager.
This footnote also confirms that this email message has been swept by
MIMEsweeper for the presence of computer viruses using Sophos
anti-virus software.
www.mimesweeper.com
www.sophos.com
**********************************************************************
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
http://www.jiscmail.ac.uk/help/commandref.htm
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|