We have a staff directory for which explicit consent is sought from members
of staff ( I can let you have a copy of the document we use if you wish).
Our decision to do this was based upon an exchange between the OIC and
myself, relevant excerpts of which I list below. My understanding from this
advice is that you can only publish student mail addresses on an opt-in
basis, but that staff addresses may be published providing a clear option is
given to them to opt-out. We simply asked staff once whether they wanted to
be in or out and then give them an annual chance to change their mind. Of
course, they can opt out at any time.
Excerpts from OIC follow:
<quote>
If the effect of placing an e-mail address on a website is simply that it
allows a member of your staff to be contacted from anywhere in the world,
you may wish to argue that there is no additional risk as compared to say
the publication of the names of academic staff in a university year book or
directory.
While this argument would certainly hold a good for academic staff, there
may be arguments to the contrary in respect of certain junior members of
staff whose details may not normally be made publicly available.
The same would certainly be true of students who would not normally expect
the fact that they had enrolled on particular courses to be made publicly
available. Certainly most universities have policies in place to prevent
the disclosure of names, addresses, telephone numbers etc. of students to
casual enquiries. In the case of students, therefore, it would seem to me
there is an appreciable risk to the privacy of individuals by placing their
details on a website.
<unquote>
and
<quote>
If, as a consequence of an individual's details being placed on your
website, he or she receives unsolicited mail, particularly of an unpleasant
nature, then it seems to me that the University is under an obligation to
remove that individual's from your website. Clearly not to do so would be
to risk a breach of the 8th Data Protection Principle which requires that
personal data is not transferred overseas unless there are guarantees that
there will be no adverse effects upon the fundamental rights and freedoms of
individuals as set out in the Data Protection Act. I would have no
hesitatation in advising the Commissioner to take action against a
university which refused to remove an individual's details from its website
upon request in the circumstances suggested above.
<unquote>
Owen Parry
Pennaeth Cyfrifiadura Gweinyddol/
Head of Administrative Computing
Prifysgol Cymru/
University of Wales
Tel: (029) 2038 2656 Ffacs/Fax: (029) 2039 6040
-----Original Message-----
From: Rebecca Hughes [mailto:[log in to unmask]]
Sent: 10 October 2001 11:55
To: [log in to unmask]
Subject: Web directories
Looking at various university websites, I have discovered that some have
staff and student e-mail and telephone directories available to the general
web-surfing public, some state that they do not have such a directory
because of data protection legislation and others still, appear to have
adopted an "opt-in" system whereby only staff/students who ask to have
their contact details included will be published, resulting in an
incomplete directory. I find this discrepancy slightly worrying - has
anybody received advice from the OIC on this matter?
Becky
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
www.jiscmail.ac.uk/user-manual/summary-user-commands.htm
all commands go to [log in to unmask] not the list please!
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
www.jiscmail.ac.uk/user-manual/summary-user-commands.htm
all commands go to [log in to unmask] not the list please!
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
