(1) I suspect the relevant exemption is S.28 not S.29 - and the S.28
people have ways of getting things without being noticed!

(2) The acceptable use policy has  to be far wider than S.36. Lots of
people have really horrible "hobbies". All acceptable use policies
should really refer to S.36 AND the racist, porn etc etc list.

(3) If I were leading a team downloading this kind of stuff for research
purposes, I would establish clear procedures and authorisations. Indeed,
to avoid confusion I would dicuss with the authorities how best to
record approval for these types of requests. Indeed, the authorities
might come up with research ideas.

C


Chris

Data Protection Consultant
Pinsent Masons LLP

DDI +44 (0) 20 7490 6605 
Mobile +44 (0) 7799 035 058
Internal Ext - 816605
 
Pinsent Masons LLP is part of PMLG - An international group of law firms

-----Original Message-----
From: This list is for those interested in Data Protection issues
[mailto:[log in to unmask]] On Behalf Of
[log in to unmask]
Sent: 29 May 2008 14:03
To: [log in to unmask]
Subject: [data-protection] Reading material - exemptions

I have been following the Nottingham University Al-Quaeda research
material incident with some interest due to the group privacy issues
illustrated and associated within an allegedly open social construct. 

This in turn has caused me to consider it may well be of interest within
this group from a DP perspective.

Briefly, the incident consists of a student downloading required reading
material for his course from a US government web site - namely what has
become known as 'The Al Qaeda Training Manual'. The download was a
translated copy presented in a .pdf document of some 1500 pages. 

For some reason requiring a hard copy, and trying to save money, he
passed the .pdf onto a friend who worked in a university admin
department to print on his behalf. Another member of staff noticed the
printed copy on the printer and reported it to the police who
subsequently arrested both the researcher and the
administrator/researcher and held them in custody whilst an
investigation took place. 

Both were subsequently released without charge
(innocent) but one was re-arrested apparently for immigration
irregularities.

A google search for "Al Qaeda Training Manual" turns up many links to
sites which hold copies of part or all of it. Many of the sites are
government or legal sites and many contain links to other sites which
hold full versions most with downloads.

The DP questions:-

1. At what point would the relevant DP exemptions apply for tracing any
audit trail of the .pdf file?

2. If the reading material is 'non-authorised' as some sources have at
times stated, would downloading it be a breach of organisation policies
and hence a breach of DP notifications for those organisations whose
notifications are tied to policies and procedures? 
(a) If so how is non-authorised determined?
(b) How is authorised determined?

3. What are the implications of using the s.36 exemption to cover
private research purposes when downloading the file to read?

Ian W



________________________
Guard against online ID theft - http://www.tiscali.co.uk/spyguard

^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
     All archives of messages are stored permanently and are
      available to the world wide web community at large at
      http://www.jiscmail.ac.uk/lists/data-protection.html
     If you wish to leave this list please send the command
       leave data-protection to [log in to unmask] All user
commands can be found at http://www.jiscmail.ac.uk/help/commandref.htm
 Any queries about sending or receiving messages please send to the list
owner
              [log in to unmask]
  Full help Desk - please email [log in to unmask] describing your
needs
        To receive these emails in HTML format send the command:
         SET data-protection HTML to [log in to unmask]
   (all commands go to [log in to unmask] not the list please)
    ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

If you consider this email spam,
please forward to [log in to unmask]










This email is sent on behalf of Pinsent Masons LLP, a limited liability partnership registered in England & Wales (registered number: OC333653) and regulated by the Solicitors Regulation Authority.  The word 'partner', used in relation to the LLP, refers to a member of the LLP or an employee or consultant of the LLP or any affiliated firm who has equivalent standing and qualifications. A list of the members of the LLP, and of those non-members who are designated as partners, is displayed at the LLP's registered office: CityPoint, One Ropemaker Street, London EC2Y 9AH, United Kingdom.

The contents of this e-mail and any attachments are confidential to the intended recipient. If you are not the intended recipient please do not use or publish its contents, contact Pinsent Masons LLP immediately on +44 (0)20 7418 7000 then delete it. Contracts cannot be concluded with us nor service effected by email. Emails are not secure and may contain viruses. Pinsent Masons LLP may monitor traffic data. Further information about us is available at www.pinsentmasons.com.


^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
     All archives of messages are stored permanently and are
      available to the world wide web community at large at
      http://www.jiscmail.ac.uk/lists/data-protection.html
     If you wish to leave this list please send the command
       leave data-protection to [log in to unmask]
All user commands can be found at http://www.jiscmail.ac.uk/help/commandref.htm
 Any queries about sending or receiving messages please send to the list owner
              [log in to unmask]
  Full help Desk - please email [log in to unmask] describing your needs
        To receive these emails in HTML format send the command:
         SET data-protection HTML to [log in to unmask]
   (all commands go to [log in to unmask] not the list please)
    ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^