In message
<[log in to unmask]>,
at 14:47:28 on Tue, 6 Feb 2007, "Hitches, John F"
<[log in to unmask]> writes
>Forgive me if anything has been said about this already (which I have
>missed) but I have just come across a revised Data Protection policy
>from the Association of Chief Police Officers (ACPO) dated October
>2006.
I would normally notice something like this, and it's the first time
I've seen it (although my day-job doesn't bring me into contact with
things like this any more). I'll have to update my web page:
http://www.internetcrimeforum.org.uk/dpa29-3form.html
I worked with ACPO on earlier drafts of the Manual of Standards, which
used to be kept somewhat under wraps - it's very good to see this latest
edition firmly in the public domain.
>It introduces a new form for police to use to request personal data
>from data controllers under Section 29 of the DPA and says that this
>form has been developed in conjunction with the Information
>Commissioner.
I am very surprised not to be able to find any mention of the fact that
this form MUST NOT be used to obtain Communications Data from Telcos,
when that is available via RIPA instead.
>The whole of the new policy can be found at:
>
>http://www.acpo.police.uk/asp/policies/Data/ACPODPMoGV1.06.pdf
>
>and the form is introduced on page 58. It is a much longer form than
>the old single page one
The previous form (as far as I'm aware) is listed here:
http://www.internetcrimeforum.org.uk/comms_data_2.pdf
which mentions
"In authorising the request for this data, the Authorising
Officer has considered the issues of necessity and
proportionality under the Human Rights Act 1998 and these
considerations have been recorded on the application form",
whereas the new one has the less well explained (and somewhat
reminiscent of the bald assertions from Secretaries of State on the
front of Parliamentary Bills):
"Human Rights Act 1998 Article 8 – right to privacy. This
request is consistent with Article 8(2) prevention of disorder
or crime."
although the manual itself does have quite a bit on proportionality.
And it leaves moot the issue of considering rights to privacy when the
enquiry is about something other than prevention of disorder, or crime
(page 59 listing several purposes that I don't see fitting into either
category).
>and includes a section requiring a response from the relevant data
>controller
--
Roland Perry
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at http://www.jiscmail.ac.uk/help/commandref.htm
Any queries about sending or receiving messages please send to the list owner
[log in to unmask]
Full help Desk - please email [log in to unmask] describing your needs
To receive these emails in HTML format send the command:
SET data-protection HTML to [log in to unmask]
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|