I have been following the Nottingham University Al-Quaeda research
material incident with some interest due to the group privacy issues
illustrated and associated within an allegedly open social construct.
This in turn has caused me to consider it may well be of interest
within this group from a DP perspective.
Briefly, the incident consists of a student downloading required
reading material for his course from a US government web site - namely
what has become known as 'The Al Qaeda Training Manual'. The download
was a translated copy presented in a .pdf document of some 1500 pages.
For some reason requiring a hard copy, and trying to save money, he
passed the .pdf onto a friend who worked in a university admin
department to print on his behalf. Another member of staff noticed the
printed copy on the printer and reported it to the police who
subsequently arrested both the researcher and the
administrator/researcher and held them in custody whilst an
investigation took place. Both were subsequently released without charge
(innocent) but one was re-arrested apparently for immigration
irregularities.
A google search for "Al Qaeda Training Manual" turns up many links to
sites which hold copies of part or all of it. Many of the sites are
government or legal sites and many contain links to other sites which
hold full versions most with downloads.
The DP questions:-
1. At what point would the relevant DP exemptions apply for tracing
any audit trail of the .pdf file?
2. If the reading material is 'non-authorised' as some sources have at
times stated, would downloading it be a breach of organisation policies
and hence a breach of DP notifications for those organisations whose
notifications are tied to policies and procedures?
(a) If so how is non-authorised determined?
(b) How is authorised determined?
3. What are the implications of using the s.36 exemption to cover
private research purposes when downloading the file to read?
Ian W
________________________
Guard against online ID theft - http://www.tiscali.co.uk/spyguard
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at http://www.jiscmail.ac.uk/help/commandref.htm
Any queries about sending or receiving messages please send to the list owner
[log in to unmask]
Full help Desk - please email [log in to unmask] describing your needs
To receive these emails in HTML format send the command:
SET data-protection HTML to [log in to unmask]
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|