KIT said "In terms of subject access requests, perhaps even the data subject will supply information that helps you identify the individual."
For info (for those who have not had time to digest it yet!)
The OIC CoP states that:
<<Data subjects may have to provide:
1. Dates and times of when they visited the premises of the user of the equipment, and,
2. A photograph of the individual may be requested in order to locate the correct image - if the individual making the request is unknown to the user of the equipment.
Data Subjects can also be asked whether they would be satisfied with merely viewing the images recorded.>>
This info, included on CCTV SAR forms hopefully will make life "easier".
Peter
Peter Wilson
Data Protection Officer
University of Paisley
>>> <[log in to unmask]> 10/10/01 10:14pm >>>
In a message dated 10/10/2001 08:13:34 GMT Daylight Time,
[log in to unmask] writes:
<< What is challenging my own mind at the moment is "Is a CCTV image 'data
capable of identifying an individual' as described by the DP Act, or must
something be combined with the image before the image and recording and
storage of that image is subject to this act?" >>
----------
The argument put forward by the OIC in the early days (perhaps before they
were called the OIC) was that because personal data was that where a person
could be identified from that - or from that and other info in the possession
of the controller - or from that and info likely to come into the possession
of the controller - and that it was likely that your control room operator
knew the individual (perhaps they know shoplifters from previous incidents)
or you would want to find out the identity of the subject who was committing
some sort of offence (perhaps from the police) - it would be classed as
personal data.
In terms of subject access requests, perhaps even the data subject will
supply information that helps you identify the individual.
So for those who were thinking they had wasted loads of time - rest easy, it
was time well spent.
Ian Buckland
MD
Keep IT Legal Ltd
Please Note: The information contained in this document does not replace or
negate the need for proper legal advice and/or representation. It is
essential that you do not rely upon any advice given without contacting your
solicitor. If you need further explanation of any points raised please
contact Keep I.T. Legal Ltd at the address below:
55 Curbar Curve
Inkersall, Chesterfield
Derbyshire S43 3HP
(Reg 3822335)
Tel: 01246 473999
Fax: 01246 470742
E-mail: [log in to unmask]
Website: www.keepitlegal.co.uk
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
www.jiscmail.ac.uk/user-manual/summary-user-commands.htm
all commands go to [log in to unmask] not the list please!
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Legal disclaimer
--------------------------
The information transmitted is the property of the University of Paisley and is intended only for the person or entity
to which it is addressed and may contain confidential and/or privileged material. Statements and opinions expressed in this
e-mail may not represent those of the company. Any review, retransmission, dissemination and other use of, or taking
of any action in reliance upon, this information by persons or entities other than the intended recipient is prohibited.
If you received this in error, please contact the sender immediately and delete the material from any computer.
--------------------------
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
www.jiscmail.ac.uk/user-manual/summary-user-commands.htm
all commands go to [log in to unmask] not the list please!
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
