It was interesting to read the reasons given by the agency body as I have
become aware of a similar situation with regards to an evaluation
questionnaire as part of an assessment of a DfEE youth project which one of
our regional teams has received. The team's work on this project is funded
by the Home Office. It is not clear who is the data controller and I am
trying to establish whether there is any formal agreement about this which
may affect the requirement to comply with the evaluation questionnaire. The
questionnaire itself is very detailed, requiring specific and sensitive
information. There is no indication as to any statutory basis for
collecting the data, or any exemption from Data Protection. I have
suggested that we might opt to obtain consent in any case, both for peace of
mind and respect for the relationship with service users.
-----Original Message-----
From: Lewis Bourne [mailto:[log in to unmask]]
Sent: 22 May 2001 16:40
To: [log in to unmask]
Subject: Research Questionnaire
Can anyone please offer some help on the following:
I have recently been contacted by a primary school head teacher concerned
about a research questionnaire they had received. The questionnaire was
asking for details of Pupil name, Date of Birth, Free School Meal
entitlement, Ethnic Background and First language, class name and teacher
name. The information was to be provided for a specific age band who would
then be monitored over a number of years for National class size research.
A number of Primary schools across the country will have been sent the
questionnaire.
My view is that the schools should gain consent from the pupils parents
before disclosing this data as 'sensitive personal data' is involved. The
covering letter that accompanied the questionnaire did not identify any
legislative powers by which the info was being gathered and asked if the
schools would be 'interested in' rather than 'must' complete the form.
I queried the questionnaire with the originator (not a Gov't Department)and
they have responded as follows:
"Secretary of State does have power under section 538 of the Education Act
1996 to require
schools to provide such information as he requires for exercising his
functions. As the research is designed in the long term to enable the DfEE
to improve education,the section provides the power.
Our understanding is that the Data Protection Act exempts information
required for the purpose of a minister or a department exercising its
functions from some of the data protection principles. This means that in
this case the DfEE can collect the information without the parents'
permission." Because the @@@@@@@@@@@@ are acting as the department's agents
in collecting this
information, they can exercise those powers, as long as they are only going
to use the information for the purposes of research for this department and
not for any other purpose."
OK. so if this is fact then all well and good, but shouldn't the covering
letter have still complied with the fair obtaining rules by identifying the
legislative requirements and that they were acting as an agent for the DfEE.
I'm still not convinced. Any help??
Lewis Bourne
Principal Information Security Officer
I.C.T. Services
This e-mail contains proprietary information some of which
or all of which may be legally privileged. It is for the
intended recipient only. If an addressing or transmission
error has misdirected the e-mail, please notify the author by
replying to this email. If you are not the intended recipient
you must not use, disclose, distribute, copy, print or rely
on this e-mail.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
www.jiscmail.ac.uk/user-manual/summary-user-commands.htm
all commands go to [log in to unmask] not the list please!
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
www.jiscmail.ac.uk/user-manual/summary-user-commands.htm
all commands go to [log in to unmask] not the list please!
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
