----Original Message----
From: [log in to unmask]
Date: 04/12/2009 15:49
To: <[log in to unmask]>
Subj: RE: [data-protection] Tracing originator
Nay I think the generic issue is clear in my mind and as I remember
happened:
After the DPA 1998 implementation;
After the final enactment but before the implementation of the FOIA;
During the very early trials of data sharing type issues;
Possibly during the CDA implementation of Youth Offending Teams;
(Which
included many data sharing and organisational start up issues).
After I made my intention known I was going to undertake a Phd.
(Remaining on hold for various reasons.)
I agree the seed probably originated in a similar source to principle
one.
The implications are different/wider to the DPA though in terms of:
organisational management, the impact could strongly support certain
aspects within all organisations who exercise exempt access;
social accountability of most organisations would be strengthened;
And various other similarly popular areas.
All the trigger issues for the idea certainly now indicate to me that
the time for that is ripe.
I do so hope that somebody on the list recalls some discussion or
presentation about this type of mechanism so I may correctly
reference
the idea within my other data.
Ian W
> -----Original Message-----
> From: Bradshaw, Phillip [mailto:[log in to unmask]]
> Sent: 04 December 2009 11:13
> To: [log in to unmask]
> Subject: RE: [data-protection] Tracing originator
>
>
> Ian
>
> Doesn't this simply come from principle 1 - fair and lawful.
>
> If someone asks for PD about me which the Council holds and
> the Council decides that it will disclose it principle 1 will
> usually apply (there are exceptions) . That means, to quote
> the schedule that they must, to meet the fairness requirement
> "... ensure so far as practicable that the data subject has,
> is provided with ... the purpose or purposes for which the
> data are intended to be processed.
>
> That even applies to the exempted access you may be referring
> to unless e.g. s29(1) "the application of those provisions to
> the data would be likely to prejudice any of the matters
> mentioned ..."
>
> But obviously if it is access which is fully exempted from
> principle 1 it follows the data subject should NOT be informed.
>
> So the originator you seek seems to be the draftsman of the
> legislation (possibly the directive I have not cross checked).
>
>
> Phillip Bradshaw
>
> Information Manager
> Clerk to the Council
>
> Room CY4A, County Hall
>
> EMail: [log in to unmask]
>
> Phone: 029 2087 3346
> Mobile : 07890 265987
>
> Fax: 029 2087 3349
>
> Mae Cyhoeddi Cynnar yn Codi Canfod Cadarnhaol
> Proactive Publishing Promotes Positive Perceptions
>
> -----Original Message-----
> From: This list is for those interested in Data Protection
> issues [mailto:[log in to unmask]] On Behalf Of
> [log in to unmask]
> Sent: 03 December 2009 17:26
> To: [log in to unmask]
> Subject: [data-protection] Tracing originator
>
> I am trying to track down the originator of an idea from
> within the DP world allowing me to credit them fully in my
> documents. (Rather than
> anon.)
>
> The basic idea is that a data subject should be informed of
> any exempted access granted to their personal data.
>
> To put that bland statement into context :-
>
> I first came across it during the early development of
> computerised police intelligence systems within the
> organisation I was working for at the time. It was adapted in
> a number of ways during that period, often to reflect what
> where seen as threats to the work of police intelligence.
>
> For example:
> 1. If a person requests subject access to an audit trail can
> we claim an exemption? (I accept this is not a real problem
> as normal exemptions apply). 2. What options are there for
> checking on computer systems which avoid the openly available
> audit trail(s) and accountability mechanisms?
>
> Those sort of generic questions, coupled with ongoing but
> realistically futile requests to obtain access to transaction
> codes and facilities which were available to DP and other
> policing mechanisms on existing systems having been developed
> to identify or deal with abuse, as a means of apparently
> hiding certain work were the norm. The
> development/implementation of intelligence systems without
> any audit trails was also on ongoing issue.
>
> The fundamental situation reflected the normal mix of
> defining specifications and insecurities associated with such
> computerisation projects, coupled with the increased push for
> data sharing between organisations and forthcoming FOI requirements.
>
> Suggestions that the police themselves identify a validity
> time period for an exemption they were claiming, and then
> retain the ability to alter that time period within certain
> limits if necessary arose during the debates but was never
> well received.
>
> Ignoring all other factors and distractions, my distinct
> impression during this period was that the basic idea of
> notification to the individual who was the subject of access
> to personal data under an exemption, originated from outside
> the policing environment.
>
> Can anybody on the list assist in identifying the origin?
>
> Independently continuing,
>
> Ian W
>
>
>
>
> Get the best of the web - http://www.tiscali.co.uk/search
>
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> All archives of messages are stored permanently and are
> available to the world wide web community at large at
> http://www.jiscmail.ac.uk/lists/data-protection.html
> If you wish to leave this list please send the command
> leave data-protection to [log in to unmask] All
> user commands can be found at
> http://www.jiscmail.ac.uk/help/commandref.htm
> Any queries about sending or receiving messages please send
> to the list owner
> [log in to unmask]
> Full help Desk - please email [log in to unmask]
> describing your needs
> To receive these emails in HTML format send the command:
> SET data-protection HTML to [log in to unmask]
> (all commands go to [log in to unmask] not the list please)
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>
>
**********************************************************************
> Privileged/Confidential Information may be contained in this
> message. If you are not the addressee indicated in this
> message (or responsible for delivery of the message to such
> person), you may not copy or deliver this message to anyone.
> In such case, you should destroy this message and kindly
> notify the sender by reply email. Please advise immediately
> if you or your employer does not consent to Internet email
> for messages of this kind. Opinions, conclusions and other
> information in this message that do not relate to the
> official business of the Council of the City and County of
> Cardiff shall be understood as neither given nor endorsed by
> it. All e-mail sent to or from this address will be
> processed by Cardiff County Councils Corporate E-mail system
> and may be subject to scrutiny by someone other than the addressee.
>
**********************************************************************
> Mae'n bosibl bod gwybodaeth gyfrinachol yn y neges hon. Os na
> chyfeirir y neges atoch chi'n benodol (neu os nad ydych chi'n
> gyfrifol am drosglwyddo'r neges i'r person a enwir), yna ni
> chewch gopio na throsglwyddo'r neges. Mewn achos o'r fath,
> dylech ddinistrio'r neges a hysbysu'r anfonwr drwy e-bost ar
> unwaith. Rhowch wybod i'r anfonydd ar unwaith os nad ydych
> chi neu eich cyflogydd yn caniatau e-bost y Rhyngrwyd am
> negeseuon fel hon. Rhaid deall nad yw'r safbwyntiau, y
> casgliadau a'r wybodaeth arall yn y neges hon nad ydynt yn
> cyfeirio at fusnes swyddogol Cyngor Dinas a Sir Caerdydd yn
> cynrychioli barn y Cyngor Sir nad yn cael sel ei fendith.
> Caiff unrhyw negeseuon a anfonir at, neu o'r cyfeiriad e-bost
> hwn eu prosesu gan system E-bost Gorfforaethol Cyngor Sir
> Caerdydd a gallant gael eu harchwilio gan rywun heblaw'r
> person a enwir.
>
**********************************************************************
>
> --
> Scanned by iCritical.
Get the best of the web - http://www.tiscali.co.uk/search
Get the best of the web - http://www.tiscali.co.uk/search
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at http://www.jiscmail.ac.uk/help/commandref.htm
Any queries about sending or receiving messages please send to the list owner
[log in to unmask]
Full help Desk - please email [log in to unmask] describing your needs
To receive these emails in HTML format send the command:
SET data-protection HTML to [log in to unmask]
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|