Tim Turner on 13 June 2005 at 12:55 said:-

> Everyone 
> working in a DP role has a responsibility to challenge and 
> overturn this view - not to shore it up.

Provided that attempting to become popular by overturning a supposed myth
does not discard the rights being protected; otherwise the gatekeeper
community would themselves erode those rights by adopting a defensive
reaction to a particular challenge.

Many groups/people do forge/make up correspondence as a means of
creating/obtaining personal data in the same way as values are manipulated
as a means of achieving certain organisational aims. And many acts seem to
be agreed to be criminal specifically because they are carried out merely to
serve the interests of the individual/organisation to the cost of society as
a whole.

Value judgements and specific interests aside carefully documenting the
decision making factors and criteria must assist in removing a large portion
of the fog and reveal many of the influencing interests, hence facilitating
a fully informed decision which hopefully would be applicable for all data
subjects, rather than acting upon an initially focused but possibly woolly
conclusion.

Which is one value of this group and its debates.

Ian W

> -----Original Message-----
> From: This list is for those interested in Data Protection 
> issues [mailto:[log in to unmask]] On Behalf Of Tim Turner
> Sent: 13 June 2005 12:55
> To: [log in to unmask]
> Subject: Re: Disclosure or not?
> 
> 
> Especially when Antoinette suggested an elegant compromise to 
> resolve this scenario that achieves the objectives of DP 
> purists and bloody-minded pragmatists like me, I find it 
> difficult to understand why the notion of being helpful, even 
> with a few attendant (technical) risks, is seen as 
> unnecessary, even undesirable. The media have created a 
> perception that Data Protection is ungainly, unhelpful and 
> occasionally (Soham, British Gas etc) dangerous. Everyone 
> working in a DP role has a responsibility to challenge and 
> overturn this view - not to shore it up.
> 
> Tim Turner
> Wigan Council
> 
> > ----------
> > From: 	Carter, Antoinette
> > (KIS)[SMTP:[log in to unmask]]
> > Reply To: 	Carter, Antoinette (KIS)
> > Sent: 	13 June 2005 12:42
> > To: 	[log in to unmask]
> > Subject: 	Re: [data-protection] Disclosure or not?
> > 
> > I think this whole attitude of being obtrusive when dealing with 
> > perfectly reasonable requests is what has given the DPA such a bad 
> > name.  You are, in effect, making it all the more likely that the 
> > forger gets away with it, and that benefits no-one.  At the 
> end of the 
> > day, we're talking about someone lying to their boss to 
> cover taking 
> > time off work.  This is not the great train robbery; do you really 
> > want our police spending their time investigating someone playing 
> > hooky from work, and wasting a Court's time getting a court 
> order, all 
> > of which would cost the taxpayer £1,000s over a 
> misdemeanour that cost 
> > the company just £100s.
> > 
> > You say: "But if the employer receives from the hospital a 
> statement 
> > of fact that the letter is forged, would not the employer 
> > automatically think the employee is the forger?" I say: Well, yes, 
> > obviously they would.  The employee gave them the letter, 
> and is the 
> > only party who could benefit from it's forgery.  If you get 
> shot, the 
> > man holding the smoking gun is usually to blame.
> > 
> > You said: "Is that not personal data in the sense of "opinions"?  I 
> > say: the opinions they form are "their" opinions, you would 
> only have 
> > stated the fact that you know the letter had not been sent by you.
> > 
> > You said: "However, if the hospital tells the employer "it 
> is likely 
> > to be a forgery but we make no allegations about who may 
> have forged 
> > this letter" it could leave the employer with a dilemma 
> about whether 
> > to accuse the person and take action against them.  I say, 
> it is their 
> > dilemna and not for you to pre-suppose how the employer 
> interprets or 
> > acts or the information you give them. Why would you say 
> "it is likely 
> > to be a forgery" when you know that IT IS A FORGERY.  All 
> this woolly 
> > talk achieves nothing and only helps the guilty.
> > 
> > -----Original Message-----
> > From: This list is for those interested in Data Protection issues 
> > [mailto:[log in to unmask]] On Behalf Of 
> [log in to unmask]
> > Sent: 13 June 2005 11:48
> > To: [log in to unmask]
> > Subject: Re: [data-protection] Disclosure or not?
> > 
> > But if the employer receives from the hospital a statement of fact 
> > that the letter is forged, would not the employer 
> automatically think 
> > the employee is the forger?  Is that not personal data in 
> the sense of 
> > "opinions"?  However, if the hospital tells the employer 
> "it is likely 
> > to be a forgery but we make no allegations about who may 
> have forged 
> > this letter" it could leave the employer with a dilemma 
> about whether 
> > to accuse the person and take action against them.
> > 
> > I have acquired a large kitchen utensil made of natural arboreal 
> > material which is useful for these situations if anyone wants to 
> > borrow it ;-)
> > 
> > Ian B
> > 
> > PS A simple and cheap solution is to have a policy of not 
> responding 
> > to this sort of request.  If and when the police turn up 
> with a court 
> > order to disclose, respond then.
> > 
> > -----
> > In a message dated 13/06/05 10:33:51 GMT Daylight Time, 
> > [log in to unmask] writes:
> > 
> > 
> > > I think Antoinette has the simple answer - focussing on 
> whether or 
> > > not the letter is genuine or forged, without giving any further 
> > > information about attendance at appointment.
> > > 
> > > If the data subject provided their employer with a letter 
> supposedly 
> > > written by my hospital to the data subject, I do not see how the 
> > > employer is breaching the subject's data privacy rights in taking 
> > > the letter back the supposed issuing hospital for 
> confirmation. If 
> > > I/my organisation sent the letter in the first place, we 
> can confirm 
> > > it is genuine (after confirming with the data subject 
> that they did 
> > > provide it to their employer) or if it is a fraud/forgery we can 
> > > state that fact. Neither of these statements breach 
> personal privacy 
> > > rights of the data subject.
> > > 
> > > However, I would not confirm or deny whether the patient/data 
> > > subject attended my hospital, without the patient's permission.
> > > 
> > 
> > 
> > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> >        All archives of messages are stored permanently and are
> >       available to the world wide web community at large at
> >       http://www.jiscmail.ac.uk/lists/data-protection.html
> >       If you wish to leave this list please send the command
> >        leave data-protection to [log in to unmask]
> >             All user commands can be found at : -
> >         http://www.jiscmail.ac.uk/help/commandref.htm
> > Any queries about sending or receiving message please send 
> to the list 
> > owner
> >               [log in to unmask]
> >   (all commands go to [log in to unmask] not the list please)
> >    ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> > 
> > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> >        All archives of messages are stored permanently and are
> >       available to the world wide web community at large at
> >       http://www.jiscmail.ac.uk/lists/data-protection.html
> >       If you wish to leave this list please send the command
> >        leave data-protection to [log in to unmask]
> >             All user commands can be found at : -
> >         http://www.jiscmail.ac.uk/help/commandref.htm
> > Any queries about sending or receiving message please send 
> to the list 
> > owner
> >               [log in to unmask]
> >   (all commands go to [log in to unmask] not the list please)
> >    ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> > 
> 
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>        All archives of messages are stored permanently and are
>       available to the world wide web community at large at
>       http://www.jiscmail.ac.uk/lists/data-protection.html
>       If you wish to leave this list please send the command
>        leave data-protection to [log in to unmask]
>             All user commands can be found at : -
>         http://www.jiscmail.ac.uk/help/commandref.htm
> Any queries about sending or receiving message please send to 
> the list owner
>               [log in to unmask]
>   (all commands go to [log in to unmask] not the list please)
>    ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> 

^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
       All archives of messages are stored permanently and are
      available to the world wide web community at large at
      http://www.jiscmail.ac.uk/lists/data-protection.html
      If you wish to leave this list please send the command
       leave data-protection to [log in to unmask]
            All user commands can be found at : -
        http://www.jiscmail.ac.uk/help/commandref.htm
Any queries about sending or receiving message please send to the list owner
              [log in to unmask]
  (all commands go to [log in to unmask] not the list please)
   ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^