Two suggestions to start with:
1
Section 7 of the Data Protection Act. Of course, it doesn't explicitly say
"all staff involved in monitoring internet usage must be in secure offices",
but you could argue very convincingly that a secure office away from
others is an appropriate organisational measure to prevent unauthorised and
unlawful processing etc...
2
The Commissioner's Employment Practices code, Section 2, page 31 - 2.2 has
lots of stuff about security, and then Section 3 on Monitoring on page 62:
you can have a field day with this one, 3.1.6 is specific about limiting
access to information gleaned from monitoring. In general, there's a lot of
stuff in the Code you could use to support your case.
Tim Turner
Wigan Council
-----Original Message-----
From: Henley, Lee [mailto:[log in to unmask]]
Sent: 16 February 2006 08:35
To: [log in to unmask]
Subject: [data-protection] Web monitoring and confidentiality
My team are responsible for monitoring internet usage within our
organisation (our policies allow us to do this and all staff sign up to this
as part of our ICT policies).
Currently my team are based in a secure office, allowing us to freely
discuss concerns and issues regarding internet usage with the relevant team
members. The problem I have is that we are about to move offices, and my
team are being told that we need to be located in a larger office along with
other staff members (who are not part of my team).
Obviously my concerns are that the office move will impact upon our internet
monitoring work, as from a DP aspect we do not want to be discussing staff
internet usage issues in a general work environment. I'm therefore trying
to build a business case enabling us to continue to work in a more secure
work environment because of the sensitivity of the work we do.
Any advice on how to strengthen my business case would be most appreciated.
Lee Henley
Information Manager
Corporate Development
Telephone : (01375) 652500
The information in this e-Mail and any attachment(s) are intended to be
confidential and may be legally privileged. Access to and use of its
content by anyone else other than the addressee(s) may be unlawful and
will not be recognised by Thurrock Council for business purposes. Thurrock
Council cannot accept any responsibility for the accuracy or completeness
of this message as it has been transmitted over a public network.
Any opinions expressed in this document are those of the author and do
not necessarily reflect the opinions of Thurrock Council.
Any attachment(s) to this message has been checked for viruses, but please
rely on your own virus checker and procedures.
If you contact us by e-mail, we will store your name and address to
facilitate communications.
Senders and recipients of email should be aware that under the UK Data
Protection and Freedom of Information legislation these contents may have to
be disclosed in response to a request.
Under the Regulation of Investigatory Powers Act 2000, any email sent to or
from this address may be accessed by someone other than the recipient for
system management and security purposes.
____________________________________________________________________
This message has been checked for all known viruses by the MessageLabs Virus
Control Centre. For further information visit
http://www.messagelabs.com/stats.asp
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
http://www.jiscmail.ac.uk/help/commandref.htm
Any queries about sending or receiving message please send to the list owner
[log in to unmask]
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
**********************************************************************
This email and any files transmitted with it are confidential and
intended solely for the use of the individual or entity to whom they
are addressed. If you have received this email in error please notify
the system manager.
This footnote also confirms that this email message has been swept by
MIMEsweeper for the presence of computer viruses using Sophos
anti-virus software.
www.mimesweeper.com
www.sophos.com
**********************************************************************
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
http://www.jiscmail.ac.uk/help/commandref.htm
Any queries about sending or receiving message please send to the list owner
[log in to unmask]
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|