I've had to deal with this very issue and it was e-mail correspondence
between two other employees and their internet usage. I refused on
grounds of Schedule 2 para 1(1) of the DP Act that the data subject must
give their consent to such processing and para 6(1) of Schedule 2 states
that the processing may be unwarranted in any particular case by reason
of prejudice to the rights and freedoms or legitimate interests of the
data subjects. We also said that the Council owed a duty of care and
respect for the individuals' privacy and decided it would be
unreasonable to disclose without consent. We were also of the view that
e-mails between two employees were not in the public interest.
I can understand an official's salary but have noted that the Scottish
Information Commissioner decided that a Director or Head of Services'
salary and/or qualifications should be in the public domain but when it
came to a Planning Officer they did not need to disclose that salary.
Doreen Broom
Access to Information Officer
Scottish Borders Council
Tel: 01835 826516
Fax: 01835 825059
-----Original Message-----
From: This list is for those interested in Data Protection issues
[mailto:[log in to unmask]] On Behalf Of Tim Turner
Sent: 12 October 2005 14:55
To: [log in to unmask]
Subject: Re: Connexions consent
In principle, it is perfectly possible to ask for and receive personal
data about a third party under the Freedom of Information Act. For a
recent example, look at the Information Commissioner's decision on a
request made to Corby Council about senior staff salaries. The
Commissioner ruled that the information was definitely personal, and
also that the council had a duty to find a way to disclose it that was
compatible with DP. This request is being challenged, but you can see
that the Commissioner does not rule out getting third party personal
data under FOI.
Obviously, the chances of someone being given information about a child
under FOI is very very remote - nevertheless, any request for it would
have to go through the motions in order to avoid leaving the door open
to a complaint and the wrath of the Commissioner, whatever that might
look like.
Tim Turner
Data Protection / Freedom of Information Officer Wigan Council
> ----------
> From: Simon Howarth[SMTP:[log in to unmask]]
> Reply To: Simon Howarth
> Sent: 12 October 2005 14:08
> To: [log in to unmask]
> Subject: Re: [data-protection] Connexions consent
>
> A1. No, it's not a correct form of consent. As I have said today in
> another thread, consent can never be given by silence in this
instance.
>
> A2. I think they have FOI and DPA mixed up. I cannot see why as part
> of the FOI this should take place. In my experience Schools in general
> do not have a very good understanding of DPA or FOI so I would think
> that it is a mistake. Unless they are asking consent to share personal
> details under FOI, which would worry me!
>
> On the upside, I have been involved with Connexions from an
> inter-agency data sharing point of view, and whilst they are a group
> of autonomous organisations, they all have a very good understanding
> of the legislation and apply it properly and sensibly. It's the school
> I would worry about!
>
> Simon Howarth.
>
> -----Original Message-----
> From: This list is for those interested in Data Protection issues
> [mailto:[log in to unmask]] On Behalf Of Roland Perry
> Sent: 12 October 2005 13:36
> To: [log in to unmask]
> Subject: Connexions consent
>
> It's that time of year again.
>
> I have a child who has started at secondary school, and they brought
> home a "DPA 1998 Consent Withheld Form"; which, if I do not return it,
> carries the assumption that the school can share the child's personal
> data with a range of agencies.
>
> Q1. Is this "It's OK unless we hear from you", a correct form of
> consent?
>
> Q2. Why does the form say "As part of the FOI Act we are now obliged
> to ask pupils/parents about their willingness to share their personal
> data". Does this mean that they think anyone could use FOI to get the
> personal data of any local schoolkid? If not, what's the issue?
> --
> Roland Perry
>
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> All archives of messages are stored permanently and are
> available to the world wide web community at large at
> http://www.jiscmail.ac.uk/lists/data-protection.html
> If you wish to leave this list please send the command
> leave data-protection to [log in to unmask]
> All user commands can be found at : -
> http://www.jiscmail.ac.uk/help/commandref.htm
> Any queries about sending or receiving message please send to the list
> owner
> [log in to unmask]
> (all commands go to [log in to unmask] not the list please)
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> All archives of messages are stored permanently and are
> available to the world wide web community at large at
> http://www.jiscmail.ac.uk/lists/data-protection.html
> If you wish to leave this list please send the command
> leave data-protection to [log in to unmask]
> All user commands can be found at : -
> http://www.jiscmail.ac.uk/help/commandref.htm
> Any queries about sending or receiving message please send to the list
> owner
> [log in to unmask]
> (all commands go to [log in to unmask] not the list please)
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
http://www.jiscmail.ac.uk/help/commandref.htm
Any queries about sending or receiving message please send to the list
owner
[log in to unmask]
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
PLEASE NOTE: THE ABOVE MESSAGE WAS RECEIVED FROM THE INTERNET.
On entering the GSi, this email was scanned for viruses by the
Government Secure Intranet (GSi) virus scanning service supplied
exclusively by Energis in partnership with MessageLabs.
Please see
http://www.gsi.gov.uk/main/notices/information/gsi-003-2002.pdf for
further details.
In case of problems, please call your organisational IT helpdesk
********************************************************************
* This email is privileged, confidential and subject to copyright. *
* Any unauthorised use or disclosure of its content is prohibited. *
* The views expressed in this communication may not necessarily *
* be the views held by Scottish Borders Council. *
* Please be aware that any email sent or received by the Council *
* may require to be disclosed by the Council under the provisions *
* of the Freedom of Information (Scotland) Act 2002. *
********************************************************************
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
http://www.jiscmail.ac.uk/help/commandref.htm
Any queries about sending or receiving message please send to the list owner
[log in to unmask]
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|