Well done!
Some of the complexity of privacy has been clearly identified.
The examples of abuse you provide are more or less identical to the "think
this way and you will fit in" approach followed by many organisation who
frequently fail to recognise that whilst training people into a single
pattern of thinking is simpler, it does result in an increasingly inflexible
approach which does lead to space being created for competitors to service
unless changes occur. Such approaches may often, in my opinion, be
illustrated or accompanied by a growth in control mechanisms, ever
increasing marketing spend and confusion on why customers are demanding a
different product, service, or creating a more fragmented market sector.
Still organisations do grow and die in the environment so that would seem to
form part of the greater variety.
Returning to the data subjects perspective and yes it has been my experience
that they are frequently compromised by the actions of others who gain
access to their data. Those others, who may even have legitimate access,
will often try and protect themselves by invoking privacy mechanisms. The
argument you use about the ex wife in that sense supports a data subject
knowing who has access to their data and so who created any compromise,
allowing them to at least have some chance of stopping any similar
occurrences in the future.
Returning to look at the issues more generically, some sectors will gain
immense benefits from a disclosure of the type previously described and some
already disclose to that level. I would suspect those sectors would
normally be the ones where a high degree of trust with their clients/data
subjects is required. There will be other sectors who will not wish anybody
to know that they have the personal data or ever had it. In between a wide
range of viewpoints will exist, creating a variety of approaches.
A singular approach to any multi faceted issue involving many people or
organisations will inevitably increasingly identify problems which that
approach does not cater for, and will inevitably require ever increasing
controls to support the approach sufficiently to keep it functional. On the
other hand a flexible approach supported by a wide ranging knowledge and
tolerance of difference should provide a somewhat more stable base, although
at the end of the day a horses for courses may well be the route taken.
Ian W
> -----Original Message-----
> From: This list is for those interested in Data Protection
> issues [mailto:[log in to unmask]] On Behalf Of
> Roland Perry
> Sent: 11 January 2006 15:49
> To: [log in to unmask]
> Subject: Re: Section 29(3)
>
>
> In message <[log in to unmask]>, at
> 14:41:30 on Wed, 11 Jan 2006, Ian Welton
> <[log in to unmask]> writes
>
> >Of those data controllers who hold recipient transaction
> type data, how
> >many actually disclose it as a routine part of their subject access
> >process?
>
> Most telcos are (I am told) reluctant to divulge on SAR information
> which is, in effect, a copy of that customer's phone bill
> because it is
> seen as an abuse of process. The "proper" process being either to
> request a copy of the bill, or to tell whatever investigating officer
> asked the customer to use a SAR to gather evidence for him (albeit
> evidence about themselves) to look out his copy of RIPA and
> get (and pay
> for it) himself.
>
> But this is not what the privacy activists are most
> interested in. They
> are concerned that their personal data is being handed over to
> investigators (and the classic example here is The Egg
> Marketing Board)
> on the pretext of solving some terrible crime, and they are
> never told
> that their private matters have been compromised in this way.
> In effect,
> they don't see why the Egg Marketing Board people should know they
> phoned the abortion clinic (or their ex-wife, or whatever).
>
> One potential remedy they suggest, is to be told (when they have been
> cleared of any misdeed) that this has happened. I'm not sure why that
> makes it a whole lot better, but it's not my suggestion.
>
> What I was asking earlier is (eg) whether or not the ex-wife
> ought to be
> told too - do they have a right to know the privacy of the private
> relationship, by phone, with that individual has been potentially
> compromised?
> --
> Roland Perry
--
No virus found in this outgoing message.
Checked by AVG Free Edition.
Version: 7.1.371 / Virus Database: 267.14.16/225 - Release Date: 1/9/06
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
http://www.jiscmail.ac.uk/help/commandref.htm
Any queries about sending or receiving message please send to the list owner
[log in to unmask]
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|