JISCMail - DATA-PROTECTION Archives

Paul

I have examined a number of statutory provisions which relate to personal
data use and in my view these are generally very narrow in application.

Making the data public in relation to a statutory obligation does not
necessarily extend to allow a controller to process to actively despatch to
a third party for what is clearly a marketing purpose without consideration
of both principle 1 and section 11 rights. I do not believe the planning
authority have a statutory obligation to send to an Insurer simply an
obligation to make available for viewing (given someone may wish to
challenge the plans). If there was a statutory obligation to send it to an
Insurer why has this not been happening before (unless planning legislation
has recently changed on this point) and why would Insurers pay for something
they can get for free, after all we still have to ensure we are prudently
managing shareholder / policyholder funds.

Given there is no proven statutory right then the planning authority are in
fact using the data for a different purpose to the one it was collected for
(from planning purpose to trading in data). This new purpose needs
assessment against the provisions of the Act in its own right.

As a DP manager at an Insurer I recommend that to protect ourselves when
purchasing 'cold lists' from third parties that some form of warranty is
obtained from the seller that the Data Protection Act has been complied with
and the list is free from DP liability issues and can be used for marketing
purposes given this is why we wish to buy it. We still then have the
overhead of filtering it against our own existing marketing objectors list
to ensure fairness and support section 11 before we could use.

Now I come to think of it this is probably why our marketing division in
their enthusiasm to market no longer seek DPA advices on this point, perhaps
they hope to plead ignorance.  I think I feel a compliance audit coming
on.........

David Wyatt



-----Original Message-----
From: This list is for those interested in Data Protection issues
[mailto:[log in to unmask]]On Behalf Of Stuart Lynch
Sent: 06 December 2000 16:38
To: [log in to unmask]
Subject: Re: Planning Register disclosures

Paul

I would be inclined to take advice from a lawyer who knows the Planning laws
on this one - it all hinges on whether the same provision exists as for the
electoral register, ie the register must be made available to anyone
requesting a copy, and the Electoral Registration Officer may make a charge
for the supply.  If such a provision does not exist, you may be on safe
ground in opposing the disclosure, but I can't be optimistic - as
Leigh-Pollitt & Mullock say in "The Data Protection Act Explained", Section
34 is "an exemption which, if fully exploited, could drive a coach and
horses through the good intentions of the Act....For those individuals who
have taken great care to tick opt-out boxes or to register with the Mailing
Preference Service, it can be particularly galling if their information is
made available in this way".

Regards
Stuart

-----Original Message-----
From: Paul Couldrey [mailto:[log in to unmask]]
Sent: 28/11/2000 11:12
To: [log in to unmask]
Subject: Planning Register disclosures


A question for all the local authority people out there (and perhaps the HE
people will find the discussion useful).  The planning department are
requesting that they send the register of planning applications to an
Insurance company, for that company to offer services etc.
The department are claiming that s.34 exemption for disclosure i.e.. the
list has to be made available to the public etc, and as such s.27 covers
further disclosures.  Personally I argue not, as s. 34 states available to
public, is the company legally to be viewed as the public?  Equally these
exemptions quoted mention nothing about Direct Marketing s.11, surely this
is Direct Marketing.
As such I feel that the principle of fairly obtaining the data is breached
as the data subjects are unaware of the secondary use of the data, and this
purpose is not in the notified entry, so 2nd principle problems too.

Any thoughts??

Paul Couldrey
Data Protection Officer
Wolverhampton Council

'the views expressed are personal and may not necessarily reflect those of
Wolverhampton Council, unless explicitly stated otherwise'
**********************************************************************
This email and any files transmitted with it are confidential and
intended solely for the use of the individual or entity to whom they
are addressed. If you have received this email in error please notify
the system manager.

This footnote also confirms that this email message has been swept by
MIMEsweeper for the presence of computer viruses.

www.mimesweeper.com
**********************************************************************