It was interesting to read the reasons given by the agency body as I have become aware of a similar situation with regards to an evaluation questionnaire as part of an assessment of a DfEE youth project which one of our regional teams has received. The team's work on this project is funded by the Home Office. It is not clear who is the data controller and I am trying to establish whether there is any formal agreement about this which may affect the requirement to comply with the evaluation questionnaire. The questionnaire itself is very detailed, requiring specific and sensitive information. There is no indication as to any statutory basis for collecting the data, or any exemption from Data Protection. I have suggested that we might opt to obtain consent in any case, both for peace of mind and respect for the relationship with service users. -----Original Message----- From: Lewis Bourne [mailto:[log in to unmask]] Sent: 22 May 2001 16:40 To: [log in to unmask] Subject: Research Questionnaire Can anyone please offer some help on the following: I have recently been contacted by a primary school head teacher concerned about a research questionnaire they had received. The questionnaire was asking for details of Pupil name, Date of Birth, Free School Meal entitlement, Ethnic Background and First language, class name and teacher name. The information was to be provided for a specific age band who would then be monitored over a number of years for National class size research. A number of Primary schools across the country will have been sent the questionnaire. My view is that the schools should gain consent from the pupils parents before disclosing this data as 'sensitive personal data' is involved. The covering letter that accompanied the questionnaire did not identify any legislative powers by which the info was being gathered and asked if the schools would be 'interested in' rather than 'must' complete the form. I queried the questionnaire with the originator (not a Gov't Department)and they have responded as follows: "Secretary of State does have power under section 538 of the Education Act 1996 to require schools to provide such information as he requires for exercising his functions. As the research is designed in the long term to enable the DfEE to improve education,the section provides the power. Our understanding is that the Data Protection Act exempts information required for the purpose of a minister or a department exercising its functions from some of the data protection principles. This means that in this case the DfEE can collect the information without the parents' permission." Because the @@@@@@@@@@@@ are acting as the department's agents in collecting this information, they can exercise those powers, as long as they are only going to use the information for the purposes of research for this department and not for any other purpose." OK. so if this is fact then all well and good, but shouldn't the covering letter have still complied with the fair obtaining rules by identifying the legislative requirements and that they were acting as an agent for the DfEE. I'm still not convinced. Any help?? Lewis Bourne Principal Information Security Officer I.C.T. Services This e-mail contains proprietary information some of which or all of which may be legally privileged. It is for the intended recipient only. If an addressing or transmission error has misdirected the e-mail, please notify the author by replying to this email. If you are not the intended recipient you must not use, disclose, distribute, copy, print or rely on this e-mail. ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ If you wish to leave this list please send the command leave data-protection to [log in to unmask] All user commands can be found at : - www.jiscmail.ac.uk/user-manual/summary-user-commands.htm all commands go to [log in to unmask] not the list please! ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ If you wish to leave this list please send the command leave data-protection to [log in to unmask] All user commands can be found at : - www.jiscmail.ac.uk/user-manual/summary-user-commands.htm all commands go to [log in to unmask] not the list please! ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^