In message <[log in to unmask]>, at 07:04:48 on Tue,
31 Oct 2006, Tony Bowden <[log in to unmask]> writes
>I think a good rule of thumb is that you should not be requesting any
>form that ID that provides any data that you don't already (legitimately)
>hold on the data subject.
>
>i.e. proving identity should not involve revealing more information
>than would already be known.
That's an interesting approach. Should I get some sort of certified copy
of my birth certificate that redacts the things you didn't already know
(like names of parents, place I was born, and maybe even my date of
birth?) Is what is left sufficiently useful?
--
Roland Perry
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
http://www.jiscmail.ac.uk/help/commandref.htm
Any queries about sending or receiving message please send to the list owner
[log in to unmask]
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|