-----Original Message-----
From: This list is for those interested in Data Protection issues
[mailto:[log in to unmask]] On Behalf Of Roland Perry
Sent: 03 December 2006 17:08
To: [log in to unmask]
Subject: Re: [data-protection] Even we "experts" get caught out
In message
<!&!AAAAAAAAAAAYAAAAAAAAAIfCFjaFV0BEsFq4L0YKekfCgAAAEAAAAJC1JUPkFrNHu6j7i
[log in to unmask]>, at 15:04:53 on Sun, 3 Dec 2006,
Tim Trent <[log in to unmask]> writes
>A Fair Processing Notice is the one thing that would have made it fair.
>All else hinged on the lack of it.
The general lack of those is a much wider issue, and I agree with you that
more needs to be done about it.
>An automated process to distribute leads is interesting. I IMMEDIATELY
>used the same process to generate another lead which prohibited the call.
Hmm, so was there some sort of "notes" field into which you type the
prohibition, or was it more sophisticated than that? Does the form have a
box to tick to say "this isn't a new sales lead, it's cancelling an old
one"?
* No, and, to be fair, I have never seen such a box anywhere. But, and this
is the point, the lack of fair processing notice is the key here.
I once signed up to a marketing website that had a long policy statement,
and specifically said that it would not process the data of anyone under 16.
But the problem was, they had no way of me telling them how old I was. So I
subscribed as "[log in to unmask]".
Imagine my lack of surprise when they started mailing things to that
address!! The mailing would have been permitted if I was over 16. Of course
I am over 16, but the principle remains, they could/should have assumed I
wasn't.
>Nonetheless the call arrived.
If the person was working through the sales leads in the order they'd
arrived, and assuming the method you used to communicate the prohibition was
actually transferred with the second sales "anti"lead, I still think it's
asking a bit much for the person to have correlated the two.
* While I understand this completely, it is not my problem, but is the
problem of the initial data controller and the subsequent data controller to
whom the data was passed. It comes back to the lack of FPN.
>But my major beef is the passing of my data, without my consent, to a
>random third party at all.
Was the third party in any sense an agent of website owner?
* In no sense whatsoever. Their existence at all was a totally surprise.
Again, no FPN. And this lack means that processing is unfair because it can
never be fair.
>I have an expectation that the law will be complied with. I have an
>expectation that those who generate automatic systems also comply with
>the law. This was easy to prevent. And this is an area where the UKIC
>should be marshalling some serious efforts
>
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at http://www.jiscmail.ac.uk/help/commandref.htm
Any queries about sending or receiving messages please send to the list owner
[log in to unmask]
Full help Desk - please email [log in to unmask] describing your needs
To receive these emails in HTML format send the command:
SET data-protection HTML to [log in to unmask]
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|