Graham Hadfield in Subject thread "Re: Data controller or not??" on 08
November 2005 at 08:42 said:-
> I agree that with so many of these clauses (e-mail/fax
> disclaimers also spring to mind) the accuracy leaves a lot to
> be desired.
This touches upon a subject I have been considering.
The matter concerns the private life of data subjects and relates to where
an organisational e-mail disclaimer denies responsibility for the comments
an employee may make within an e-mail and then contradictorily goes on to
state that the content of e-mails must be treated as the confidential
property of the organisation. Ownership/property commonly applies
responsibilities.
Where organisations employ e-mail monitoring and scanning techniques in
efforts to more effectively implement organisational policies in respect of
e-mails, one consequence would seem to be an inherently increased
organisational responsibility for the content of the e-mails. i.e. The more
control directly exercised on e-mails via monitoring and scanning the more
responsibility falls on the organisation rather than the individual and the
less accurate any denial of responsibility for any e-mail content becomes.
This particular issue also seems relevant and pertinent to definitions of
organisational e-mails as personal data.
To increase e-mail controls to a degree which resulted in full
responsibility for the organisation would mean a reciprocal reduction in
responsibility by the employees, whilst every e-mail would need to be
checked against every policy all the time, which given general constraints
would not seem to be particularly feasible.
If the disclaimer statements are inaccurate or misleading, is the employer
merely trying to minimise legitimate responsibility by attempting to disown
contentious material whilst stating other material does belong to the
organisation, or attempting to take full responsibility but wishing to
control anything which may become contentious. Yet if any e-mail controls
are not 100% how could either approach be argued as effective and hence
valid?
Ignoring the shift in controlling balance of individual to organisation, and
possible attempts by confidentiality statements to achieve an element of
organisational privacy, the main subject question is what benefits are
actually gained from any monitoring?
The answer would give something to consider in measuring the privacy costs
whilst providing further enlightenment regarding some functions in which
privacy seems to be considered a useful utility.
Any views gratefully received.
Ian W
--
No virus found in this outgoing message.
Checked by AVG Free Edition.
Version: 7.1.362 / Virus Database: 267.12.8/161 - Release Date: 11/3/05
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
http://www.jiscmail.ac.uk/help/commandref.htm
Any queries about sending or receiving message please send to the list owner
[log in to unmask]
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|