Thanks everyone for your input on this. A few different interpretations! I 
didn't get from reading the exemption that it only applied to the Data 
Controller wishing to do research but perhaps this is my mis-
interpretation? My view was that further processing as per S33 (2)could 
mean further disclosing as per the definition of processing within the 
Act. That same paragraph seems to suggest that disclosing the data for the 
purposes of research would not be incompatible with the reasons why the 
data was first obtained. My view was that having sought guarantees as to 
the purpose of the research, ensuring that the relevant conditions were 
met (i.e the researcher was not going to make decisions that would affect 
the individual or cause damage or distress and that the personal data 
would be destroyed if the person did not wish to take part) that we could 
provide the details. 
We seek such guarantees when it comes to the disclosing to the police 
under S29 for example. Similar to other exemptions I thought that 
disclosure was discretionary and the exemption seems to suggest that as 
long as the relevant conditions are met it would not be unfair. 

In one example the Welsh Assembly has approached us for details of 
students studying for a PGCE so that they could be approached regarding 
the impact of the bursary scheme, whether they considered it to be 
effective, the improvements that could be made etc. Most of the research 
proposals we get is along these lines.  I did not think that it would be 
beyond the expectations of the data subject to be approached to comment on 
a scheme that they are involved in. Whether this is from us or the 
researcher themselves they still have the choice to say no. I suppose its 
the choice of whether their details are passed on that is the issue.

However saying all this I do recognise that principle 1 cannot be ignored. 
We dont currently let students know that their details may be passed on 
for the purpose of research (which I'm hoping to change) and it was this 
niggling doubt that prompted my e-mail in the first place! I was 
reasonably happy that Schedule 2 6 (1) could be relied upon but recognise 
that consent is perhaps the "safest" option. Once the fair processing 
notice element is in order I assume that the bases are covered and so long 
as there is no registered objections we can use our discretion as to 
whether the research is reasonable when deciding when to pass on details?

Apologies for the long e-mail, Im new to the HE sector and have not had 
much experience in using this exemption which is why I thought it best to 
seek advice! 

^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
     All archives of messages are stored permanently and are
      available to the world wide web community at large at
      http://www.jiscmail.ac.uk/lists/data-protection.html
     If you wish to leave this list please send the command
       leave data-protection to [log in to unmask]
All user commands can be found at http://www.jiscmail.ac.uk/help/commandref.htm
 Any queries about sending or receiving messages please send to the list owner
              [log in to unmask]
  Full help Desk - please email [log in to unmask] describing your needs
        To receive these emails in HTML format send the command:
         SET data-protection HTML to [log in to unmask]
   (all commands go to [log in to unmask] not the list please)
    ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^