> Roland Perry on 26 July 2006 at 17:36 said:-
> Is there no corporate aspect to the "proceeds of crime" legislation?
If one existed could it be seen as necessary to use in the circumstances of
DP complaints?
Such a mechanism may well appear superfluous in the strictly common sense
approach relating to 'privacy rights' followed by the ICO.
Unfortunately the common sense of any sensor can deny many aspects of what
are often termed 'privacy rights' by many and which may consequently then
end up being denied.
Producing a richer yet still simplified mixed bag of available responses to
infringements would probably be more widely beneficial, and reflective of
the wider societal norms, provided the administrative mechanisms responded
in an equitable way.
Ian
> -----Original Message-----
> From: This list is for those interested in Data Protection
> issues [mailto:[log in to unmask]] On Behalf Of
> Roland Perry
> Sent: 26 July 2006 17:36
> To: [log in to unmask]
> Subject: Re: Penalties for DP offences - Consultation
>
>
> In message <[log in to unmask]>, at
> 15:41:54 on Wed, 26 Jul 2006, Ian Welton
> <[log in to unmask]> writes
> >Ask the question - would the outcome of the Goldfish credit card
> >business set up using a utility companies customer data in breach of
> >the DPA and initially returning many millions of pounds worth of
> >revenue have been curtailed by a 20,000 fine?
>
> Is there no corporate aspect to the "proceeds of crime" legislation?
> --
> Roland Perry
>
>
> -----Original Message-----
> From: Ian Welton [mailto:[log in to unmask]]
> Sent: 26 July 2006 15:42
> To: [log in to unmask]
> Subject: Re: Penalties for DP offences - Consultation
>
>
> Rather busy so only a brief response.
>
> The range of penalties available would normally fit both the
> type and scale of any agreed misdeed. A fine of 10-20,000 or
> even 200,000 is likely to continue to be viewed as an
> acceptable business expense in many circumstances. Ask the
> question - would the outcome of the Goldfish credit card
> business set up using a utility companies customer data in
> breach of the DPA and initially returning many millions of
> pounds worth of revenue have been curtailed by a 20,000 fine?
> Then ask the question would a potential prison term for
> management have provided a different level of deterrence?
>
> Considering deterrence mechanisms which utilise those
> coercive approaches whilst viewing that area using a wide
> privacy definition and:-
>
> • the pressures applied by businesses utilising enforced
> subject access;
> • the creation of the CRB;
> • more recently the seeming legal normalisation of the SAR
> enforcement abuses by the ICO's decisions and statements to
> certain sectors.
>
> All of those appear most inappropriate when the individuals
> concerned themselves are unable to as easily demand or find
> out details of the various tribunal/court decisions which may
> have been found against any organisation they are potentially
> joining and which may be pertinent to their decisions to
> proceed with an employment application.
>
> A requirement for organisations to disclose all tribunal
> findings/convictions to any person who they require to be
> vetted or enforce subject access against, or when an
> employment application is sent out, provides an apparently
> equally appropriate level of information to the individuals
> decision process regarding how they may fit within any
> particular organisational culture. At the same time that
> would provide a process which created mechanisms similar to
> those apparently used at an individual level for
> organisations, focusing attention on the proven misdeeds of
> the organisation and allowing some informed questioning if
> necessary. Provided enforced SAR is as effective at the
> individual level as the demands seem to indicate the opposite
> should be likewise effective at the organisational level.
>
>
> Ian
>
>
>
>
> > -----Original Message-----
> > From: This list is for those interested in Data Protection
> > issues [mailto:[log in to unmask]] On Behalf Of
> Tim Turner
> > Sent: 26 July 2006 08:53
> > To: [log in to unmask]
> > Subject: Penalties for DP offences - Consultation
> >
> >
> > Apologies if this has already been picked up.
> >
> > The Department of Constitutional Affairs is running a
> > consultation on the penalties of misuse of data - the
> > suggestion is to increase them from fines to the possibility
> > of prison sentences. The document was published on Monday, I
> > think. If you would like the chance to have your say, go to
> > the following website:
> >
> > http://www.dca.gov.uk/consult/misuse_data/cp0906.htm
> > <http://www.dca.gov.uk/consult/misuse_data/cp0906.htm>
> >
> > The point has been made by others (I read the argument on the
> > Spy Blog -http://www.spy.org.uk/spyblog/
> > <http://www.spy.org.uk/spyblog/> - which is full of Data
> > Protection and surveillance stories if you haven't seen it),
> > but an increase in penalties is only interesting if the
> > penalties are applied. After all, the job of every DP officer
> > would be made that little bit easier if the worst DP
> > offenders actually ended up doing some time. But Data
> > Protection has hardly been over-enforced since its
> > introduction, so perhaps one of the things the DCA should
> > introduce if they decide to increase the penalties is some
> > obligation to apply them.
> >
> > Tim Turner
> > Data Protection / FOI Officer
> > Legal and Property Services
> > Wigan Council
--
No virus found in this outgoing message.
Checked by AVG Free Edition.
Version: 7.1.394 / Virus Database: 268.10.4/402 - Release Date: 7/27/06
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
http://www.jiscmail.ac.uk/help/commandref.htm
Any queries about sending or receiving message please send to the list owner
[log in to unmask]
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|