Sarah Westwood on Friday, December 19, 2003 at 9:27 AM said:-
> I would be very uneasy if as a result of this case unproven
> allegations were enough to deny an individual a job.
There are many difficult areas dealt with in these matters, see:-
http://www.crb.org.uk/services_disclosure_overview.asp
for details of the structured national vetting process, properly determined
by levels of risk, and checked against DP principles. Details of police
force information systems may be found on the IC's notifications database.
There are bound to be fairly strict guidelines within police forces (and
systems) on what may be disclosed and how. I dare say some material will be
published on police url's, on the CRB website or available under FOI, as
there should be no reason for most of it not to be.
It does rather seem there is a growing tendency to vet for everything. I
suppose some organisations will eventually look upon vetting as nothing more
than a replacement for references and personal judgement, which will, in my
view, paradoxically increase many of the risks.
Ian W
> -----Original Message-----
> From: This list is for those interested in Data Protection
> issues [mailto:[log in to unmask]] On Behalf Of
> Sarah Westwood
> Sent: Friday, December 19, 2003 9:27 AM
> To: [log in to unmask]
> Subject: Re: DP weeding
>
>
> Isn't there a human rights issue here in that part of the
> reason why Ian Huntly's "record" wasn't disclosed as part of
> an employment vetting process was because none of the
> previous allegations against him lead to a criminal
> conviction, or even an arrest?
>
> The fault here is surely that of the CPS to prosecute, or of
> the police to secure enough evidence against him, not one of
> data retention or disclosure.
>
> I would be very uneasy if as a result of this case unproven
> allegations were enough to deny an individual a job.
>
> Sarah Westwood
> Records Management Officer
> Girton College
> Cambridge CB3 0JG
>
> Tel: 01223 338976
> Fax: 01223 338896
> Website: www.girton.cam.ac.uk
>
> --On 18 December 2003 17:28 +0000 Ian Welton
> <[log in to unmask]> wrote:
>
> > Paul Ticher on Thursday, December 18, 2003 at 3:10 PM said:-
> >
> >> What is
> >> dangerous is an efficient information system with no system of
> >> oversight, or with significant restrictions on subject access.
> >
> > Quite. I was under the impression that police intelligence had a
> > formulated set of rules which had been agreed nationally,
> were fully
> > compliant with DP and police requirements, and were then
> implemented
> > locally. I suppose, with relating to sensitive data, they
> were locked
> > away, so only the appropriate people had access to them;
> Exactly the
> > type of situation which can often lead to things being
> forgotten over
> > time, and one DP practitioners sometimes find frustrating.
> >
> > Ian W
> >
> >> -----Original Message-----
> >> From: This list is for those interested in Data Protection issues
> >> [mailto:[log in to unmask]] On Behalf Of Paul Ticher
> >> Sent: Thursday, December 18, 2003 3:10 PM
> >> To: [log in to unmask]
> >> Subject: Re: DP weeding
> >>
> >>
> >> My rule of thumb for Principle 5 is: "If it is conceivable that
> >> someone might ask you for the information in the future,
> and it would
> >> matter that you didn't have it, then it is still
> 'necessary' to keep
> >> it." I know this just moves the issue to whether it would
> 'matter' -
> >> and to whom - but I do think there can be a public interest
> >> justification for keeping information even if the Data Subject
> >> doesn't want you to. The retention has to be 'fair', of
> course, which
> >> is not the same as saying that the Data Subject must agree. (It's
> >> fair to send the kids to bed in good time when there's school the
> >> next day. That doesn't mean they like it.)
> >>
> >> Data Protection - especially in the public sphere - is often about
> >> balancing different interests, so these concerns won't go
> away. But
> >> I must say I'm a bit surprised that the police apparently
> have such
> >> ineffective data systems. I took it for granted that the state
> >> already had this massive amount of carefully compiled data on
> >> everyone, and the arguments were about whether they should
> keep even
> >> more. Obviously not. If they did, the key balancing safeguard is
> >> subject access, so that unfair or inaccurate data can be
> challenged.
> >> What is dangerous is an efficient information system with no system
> >> of oversight, or with significant restrictions on subject access.
> >>
> >> Paul Ticher
> >> 0116 273 8191
> >> 22 Stoughton Drive North, Leicester LE5 5UB
> >>
> >> I hereby require any recipient of this message not to use
> my personal
> >> data for direct marketing purposes.
> >>
> >>
> >> ----- Original Message -----
> >> From: "Peter Lane" <[log in to unmask]>
> >> To: <[log in to unmask]>
> >> Sent: Wednesday, December 17, 2003 9:37 PM
> >> Subject: Re: DP weeding
> >>
> >>
> >> > Ian makes an interesting point . . .
> >> >
> >> > "I had also been under the firm impression there were nationally
> >> > agreed weeding rules for many police computing systems".
> >> >
> >> > There are nationally agreed weeding rules, formulated by
> ACPO and
> >> > signed
> >> off
> >> > by the Information Commissioner. I was involved in one issue
> >> > following
> >> the
> >> > introduction of the ACPO weeding rules whereby an individual had
> >> complained
> >> > (S.42) that their conviction (violence) was being retained
> >> on the PNC.
> >> The
> >> > compliance manager at the Commissioners Office made it
> quite clear
> >> > that notwithstanding the fact that the retention was in
> >> line with the
> >> > weeding rules, in this particular case the conviction should be
> >> > removed as it was breaching the 5th principle. I do not
> >> know how the
> >> > issue was finally resolved as I believe it went back to the
> >> ACPO Data
> >> > Protection Committee
> >> for
> >> > consideration. In one sense it seems that the Police can
> >> not do right
> >> > for doing wrong. I can however see the Information
> Commissioners
> >> > point of
> >> view
> >> > though (they have already responded to Channel 4 news) that a
> >> > judgement needs to be taken in each case. As Ian points
> out I was
> >> > also under the impression that the type of intelligence as
> >> described
> >> > in the Soham case could be retained by the Police as long
> >> as regular
> >> > review periods were documented and maintained.
> >> >
> >> > Peter Lane
> >> >
> >> >
> >> > -----Original Message-----
> >> > From: This list is for those interested in Data
> Protection issues
> >> > [mailto:[log in to unmask]]On Behalf Of Ian Welton
> >> > Sent: 17 December 2003 20:04
> >> > To: [log in to unmask]
> >> > Subject: DP weeding
> >> >
> >> >
> >> > I heard with interest a comment made in a BBC news item tonight
> >> > relating
> >> to
> >> > the Soham case:-
> >> >
> >> > http://news.bbc.co.uk/1/hi/uk/3328533.stm
> >> >
> >> > Quote:-
> >> >
> >> > " 'Differing interpretations'
> >> > The second weakness related to the 1984 Data Protection
> >> Act. "We had
> >> > been informed by the Information Commissioner that the Data
> >> Protection
> >> > Act does not allow retention of information purely for
> >> employment
> >> > vetting," he said.
> >> > He said there were differing interpretations of what was
> >> required by
> >> > different agencies. Mr Westwood said: "We face here the
> >> contradictory
> >> > nature of two public policies.
> >> > "First is the Data Protection Act which requires the removal of
> >> information
> >> > relating to individuals.
> >> > "Secondly is the retaining of information to protect vulnerable
> >> > people. "There is no national guidance on this. It is urgently
> >> > needed." He told journalists he would support any change in
> >> the law to
> >> > come from
> >> the
> >> > Soham case, and welcomed the inquiry announced by the home
> >> secretary
> >> > following Wednesday's murder verdicts. "
> >> >
> >> > Given the seriousness of the issues raised by the case, clearly
> >> > matters
> >> need
> >> > resolving by the proper authorities.
> >> >
> >> > How does DP determine the weeding criteria for personal data now?
> >> >
> >> > It used to be that the users/controllers debated the
> >> retention period
> >> > and came to a consensus, based upon as firm a set of facts as
> >> > possible, about the proper retention for the material in
> question,
> >> > then, as determined by the data controller, either
> >> programatically or
> >> > manually conducted the weeding. I had also been under the firm
> >> > impression there were nationally agreed weeding rules for
> >> many police
> >> > computing systems.
> >> >
> >> > Has this changed, or are different processes to
> determine retention
> >> > now in operation?
> >> >
> >> > Ian W
> >> >
> >> > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> >> > All archives of messages are stored permanently and are
> >> > available to the world wide web community at large at
> >> > http://www.jiscmail.ac.uk/lists/data-protection.html
> >> > If you wish to leave this list please send the command
> >> > leave data-protection to [log in to unmask]
> >> > All user commands can be found at : -
> >> > http://www.jiscmail.ac.uk/help/commandref.htm
> >> > (all commands go to [log in to unmask] not the
> list please)
> >> > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> >> >
> >> > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> >> > All archives of messages are stored permanently and are
> >> > available to the world wide web community at large at
> >> > http://www.jiscmail.ac.uk/lists/data-protection.html
> >> > If you wish to leave this list please send the command
> >> > leave data-protection to [log in to unmask]
> >> > All user commands can be found at : -
> >> > http://www.jiscmail.ac.uk/help/commandref.htm
> >> > (all commands go to [log in to unmask] not the
> list please)
> >> > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> >> >
> >>
> >> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> >> All archives of messages are stored permanently and are
> >> available to the world wide web community at large at
> >> http://www.jiscmail.ac.uk/lists/data-protection.html
> >> If you wish to leave this list please send the command
> >> leave data-protection to [log in to unmask]
> >> All user commands can be found at : -
> >> http://www.jiscmail.ac.uk/help/commandref.htm
> >> (all commands go to [log in to unmask] not the list
> >> please)
> >> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> >>
> >
> > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> > All archives of messages are stored permanently and are
> > available to the world wide web community at large at
> > http://www.jiscmail.ac.uk/lists/data-protection.html
> > If you wish to leave this list please send the command
> > leave data-protection to [log in to unmask]
> > All user commands can be found at : -
> > http://www.jiscmail.ac.uk/help/commandref.htm
> > (all commands go to [log in to unmask] not the list please)
> > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>
>
>
> Sarah Westwood
> Records Management Officer
> Girton College
> Cambridge CB3 0JG
>
> Tel: 01223 338976
> Fax: 01223 338896
> Website: www.girton.cam.ac.uk
>
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> All archives of messages are stored permanently and are
> available to the world wide web community at large at
> http://www.jiscmail.ac.uk/lists/data-protection.html
> If you wish to leave this list please send the command
> leave data-protection to [log in to unmask]
> All user commands can be found at : -
> http://www.jiscmail.ac.uk/help/commandref.htm
> (all commands go to [log in to unmask] not the list
> please)
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
http://www.jiscmail.ac.uk/help/commandref.htm
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
