Below is reproduced, from her website, the Commissioner's very wide interpretation of the term 'personal data' i.e. any distinct living person. Others may take the view that 'personal data' is more narrowly construed and relates only to those positively identified, i.e you know who they are and where to find them. Only the courts can decide, anybody willing to be a guinea-pig?
"The individual must be capable of being identified. How does the Commissioner approach this issue?
The individual must be capable of being identified from data in the possession of the data controller, or from those data and other information in the possession of, or likely to come into the possession of, the data controller.
The Commissioner recognises that an individual may be "identified" without necessarily knowing the name and address of that particular individual.
The Commissioner's view is that it is sufficient if the data are capable of being processed by the data controller to enable the data controller to distinguish the data subject from any other individual. This would be the case if a data subject could be treated differently from other individuals.
For example:
The capture of an image of an individual by a CCTV camera may be done in such a way that distinguishable features of that individual are processed and identified from the captured images. This will amount to personal data."
Alan
-----Original Message-----
From: [log in to unmask] [mailto:[log in to unmask]]
Sent: 10 October 2001 22:14
To: [log in to unmask]
Subject: Re: new topic: CCTV and surveillance
In a message dated 10/10/2001 08:13:34 GMT Daylight Time,
[log in to unmask] writes:
<< What is challenging my own mind at the moment is "Is a CCTV image 'data
capable of identifying an individual' as described by the DP Act, or must
something be combined with the image before the image and recording and
storage of that image is subject to this act?" >>
----------
The argument put forward by the OIC in the early days (perhaps before they
were called the OIC) was that because personal data was that where a person
could be identified from that - or from that and other info in the possession
of the controller - or from that and info likely to come into the possession
of the controller - and that it was likely that your control room operator
knew the individual (perhaps they know shoplifters from previous incidents)
or you would want to find out the identity of the subject who was committing
some sort of offence (perhaps from the police) - it would be classed as
personal data.
In terms of subject access requests, perhaps even the data subject will
supply information that helps you identify the individual.
So for those who were thinking they had wasted loads of time - rest easy, it
was time well spent.
Ian Buckland
MD
Keep IT Legal Ltd
Please Note: The information contained in this document does not replace or
negate the need for proper legal advice and/or representation. It is
essential that you do not rely upon any advice given without contacting your
solicitor. If you need further explanation of any points raised please
contact Keep I.T. Legal Ltd at the address below:
55 Curbar Curve
Inkersall, Chesterfield
Derbyshire S43 3HP
(Reg 3822335)
Tel: 01246 473999
Fax: 01246 470742
E-mail: [log in to unmask]
Website: www.keepitlegal.co.uk
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
www.jiscmail.ac.uk/user-manual/summary-user-commands.htm
all commands go to [log in to unmask] not the list please!
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
--
_______________________________________________
Sign-up for your own FREE Personalized E-mail at Mail.com
http://www.mail.com/?sr=signup
Have you downloaded the latest calling software from Net2Phone? Click here to get it now!
http://www.net2phone.com/cgi-bin/adforward.cgi?p_key=NH211JK&url=http://commcenter.net2phone.com/
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
www.jiscmail.ac.uk/user-manual/summary-user-commands.htm
all commands go to [log in to unmask] not the list please!
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
