Probably not answering the question, but taking your points one by one:
1. At what point would the relevant DP exemptions apply for tracing any
audit trail of the .pdf file?
Depends who is tracing I suppose-the Police would have whatever
legislation they cite that enables them to justify their tracing (one
hopes?).
The University? If it is done from their facilities-Would they take
legal proceedings against a student/staff member off the back of it?
Does the fair-processing information they (hopefully) give their
staff/students inform them of uses of their personal information re:
monitoring use of the internet via University computers?
2. If the reading material is 'non-authorised' as some sources have at
times stated, would downloading it be a breach of organisation policies
and hence a breach of DP notifications for those organisations whose
notifications are tied to policies and procedures?
(a) If so how is non-authorised determined?
(b) How is authorised determined?
If a student/staff member uses University IT resources to download
something the University has deemed unsuitable, and the University FPN
says "We will use your activity log to monitor usage of the web.....and
if you do something we deem unsuitable etc." the University would
probably justify hammering the individual on those grounds.
As to what is authorised/unauthorised-depends on the University rather
than DPA surely?
"Non-authorised" could be as basic as "something deemed not relevant to
academic study" perhaps?
Whether that could be justified in a case where academic freedom is at
stake is debateable though. I suspect that is the real problem. Just how
"free" is academic freedom? From what I hear of the US situation for
example-increasingly "not at all" it seems!
3. What are the implications of using the s.36 exemption to cover
private research purposes when downloading the file to read?
Section 36 DPA states "personal data processed by an individual only for
the purposes of that individual's personal, family or household affairs
(including recreational purposes)....are exempt from......" .
If I download the "Al-Quaeda Guide to Good Bombing" or whatever from
home, its for my personal use. If its banned by law (whatever may
apply)- I can be hammered by the appropriate agencies I suppose.
If not, its for my personal use and no-one's business but my own
(although my taste/sanity may be questioned)!
If it is not unlawful and I do it from Uni/work etc. and they have said
"Thou shalt not...." they (Uni/work etc.) may act against me.
More a set of questions than answers really, my apologies if I have
missed a point somewhere! Today is my "Friday".
Iain Harrison
Information Governance Officer
Information Governance Team
Customer & Workforce Services
Coventry City Council
Council House
Earl Street
Coventry CV1 5RR
Telephone No: 024 7683 3305
Fax No: 024 7683 3395
www.coventry.gov.uk
-----Original Message-----
From: This list is for those interested in Data Protection issues
[mailto:[log in to unmask]] On Behalf Of
[log in to unmask]
Sent: 29 May 2008 14:03
To: [log in to unmask]
Subject: [data-protection] Reading material - exemptions
I have been following the Nottingham University Al-Quaeda research
material incident with some interest due to the group privacy issues
illustrated and associated within an allegedly open social construct.
This in turn has caused me to consider it may well be of interest within
this group from a DP perspective.
Briefly, the incident consists of a student downloading required reading
material for his course from a US government web site - namely what has
become known as 'The Al Qaeda Training Manual'. The download was a
translated copy presented in a .pdf document of some 1500 pages.
For some reason requiring a hard copy, and trying to save money, he
passed the .pdf onto a friend who worked in a university admin
department to print on his behalf. Another member of staff noticed the
printed copy on the printer and reported it to the police who
subsequently arrested both the researcher and the
administrator/researcher and held them in custody whilst an
investigation took place. Both were subsequently released without charge
(innocent) but one was re-arrested apparently for immigration
irregularities.
A google search for "Al Qaeda Training Manual" turns up many links to
sites which hold copies of part or all of it. Many of the sites are
government or legal sites and many contain links to other sites which
hold full versions most with downloads.
The DP questions:-
1. At what point would the relevant DP exemptions apply for tracing any
audit trail of the .pdf file?
2. If the reading material is 'non-authorised' as some sources have at
times stated, would downloading it be a breach of organisation policies
and hence a breach of DP notifications for those organisations whose
notifications are tied to policies and procedures?
(a) If so how is non-authorised determined?
(b) How is authorised determined?
3. What are the implications of using the s.36 exemption to cover
private research purposes when downloading the file to read?
Ian W
________________________
Guard against online ID theft - http://www.tiscali.co.uk/spyguard
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask] All user
commands can be found at http://www.jiscmail.ac.uk/help/commandref.htm
Any queries about sending or receiving messages please send to the list
owner
[log in to unmask]
Full help Desk - please email [log in to unmask] describing your
needs
To receive these emails in HTML format send the command:
SET data-protection HTML to [log in to unmask]
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All e-mails are monitored by Coventry City Council IT Security, using
M@ilMeter and Star Filtering Services in accordance with the Regulations
of Investigatory Powers Act 2000.
_____________________________________________________________________
This e-mail has been scanned for all viruses by Star Internet. The
service is powered by MessageLabs.
This e-mail and any files transmitted with it are confidential and are intended solely for the use of the addressee. If you have received this e-mail in error, you are requested to contact the sender
All e-mails are monitored by Coventry City Council IT Security, using M@ilMeter and Star Filtering Services.
The views contained in this e-mail are those of the author and not necessarily those of Coventry City Council.
______________________________________________________________________
This e-mail has been scanned for all viruses by Star Internet. The service is powered by MessageLabs.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at http://www.jiscmail.ac.uk/help/commandref.htm
Any queries about sending or receiving messages please send to the list owner
[log in to unmask]
Full help Desk - please email [log in to unmask] describing your needs
To receive these emails in HTML format send the command:
SET data-protection HTML to [log in to unmask]
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|