Perhaps we are merely witnessing two Teutonic plates slowly colliding -
these plates are comprised of the "data protection evangelists", who wish
that data protection legislation was more in accordance with their personal
values, and the "data protection conservatives", who wish to adopt a
minimalist approach to standardisation.
Given the attention we often pay on the open roads to speed limits, it
constantly surprises me that some individuals place such an emphasis on the
obscure minutiae of European Directives!
Long live the (UK) courts! Their decisions often bring a smile to my
face................
Yes, I have a Friday feeling aleaady.
Regards
Martin Hoskins
Data Protection Manager
T-Mobile (UK) Ltd
Hatfield Business Park
Hatfield, Hertfordshire AL10 9BW
+44 (0)7957 234585
+44 (0)1707 319056 fax
-----Original Message-----
From: Tim Trent [mailto:[log in to unmask]]
Sent: 19 May 2004 08:37
To: [log in to unmask]
Subject: Re: UK's Data Protection Act Might Not Meet European Union
Standards
So, not controversial at all, Chris?
Actually this reflects what many of my colleagues are feeling. We do have
potentially poor implementation, and thus the courts are free to interpret
to the best of their ability.
Having legislation that you can drive a coach and horses through without
even tearing the paper is ridiculous, and expecting people to comply with it
in such different ways across Europe is impossibly huge as a business
burden, profit or non profit making organisation!
Tim Trent - Consultant
Direct: +44(0)1344 392644 Mobile:+44(0)7710 126618
email: [log in to unmask]
Marketing Improvement Limited, Abbey House, Grenville Place, Bracknell,
United Kingdom, RG12 1BP http://www.marketingimprovement.com
This message is for the intended addressee's use only. It may contain
confidential, proprietary or legally privileged information. No
confidentiality or privilege is waived or lost by any mis-transmission. If
you receive this message in error, please immediately delete it and all
copies of it from your system, destroy any hard copies of it and notify the
sender. You must not, directly or indirectly, use, disclose, distribute,
print, or copy any part of this message if you are not the intended
recipient. Any views expressed in this message are those of the individual
sender, except where the message states otherwise and the sender is
authorised to state them to be the views of any such entity.
-----Original Message-----
From: This list is for those interested in Data Protection issues
[mailto:[log in to unmask]] On Behalf Of Pounder Chris
Sent: Wednesday, May 19, 2004 12:02 AM
To: [log in to unmask]
Subject: [data-protection] UK's Data Protection Act Might Not Meet European
Union Standards
The contents of this e-mail are confidential and may be privileged. Please
refer to the notice at the foot of this e-mail before reading any further.
I have filed this with Masons' out-law news services
If someone wants further detail, I will provide a file which outlines more
info on the below - just reply to this e-mail
Chris
UK's Data Protection Act Might Not Meet European Union Standards
In December last year, the landmark decision of the Court of Appeal in
Durant -v- FSA narrowed the scope of data protection to such an extent that,
on a subject access request, it effectively applied only to computerised
personal information which focused on a living individual in a
biographically significant way.
Today, the editors of Data Protection and Privacy Practice, a newsletter
published by Masons, said: "The Durant decision is based on faulty reasoning
which could result in the Data Protection Act of 1998 being found to be an
inadequate implementation of the Data Protection Directive of 1995".
Last week, Mr Durant filed papers with the European Commission in Brussels,
claiming that the UK Government had not implemented the Data Protection
Directive properly. The detailed analysis published in Data Protection and
Privacy Practice has been attached to substantiate that claim.
In addition, the Editors say that certain aspects of the Information
Commissioner's published advice in relation to the impact of the Durant
decision on certain CCTV systems, and on the recording of a name, does not
stand up to detailed scrutiny.
Dr. Chris Pounder, one of the editors of Data Protection and Privacy
Practice, explained why the UK could be in breach of its Directive
commitments: "In our view, the Directive's guarantee of the data subject's
right of access is seriously undermined by the breadth of judicial
discretion assumed by the English Courts in relation to section
7(9) of the Data Protection Act 1998. We are also of the view that there are
arguments that the implementation of the Directive's provisions in respect
of the meaning of personal data, can also be challenged."
Section 7 of the 1998 Act deals with an individual's right of access to
personal data. Section 7(9) states: "If a court is satisfied on the
application of any person who has made a request under the foregoing
provisions of this section that the data controller in question has failed
to comply with the request in contravention of those provisions, the court
may order him to comply with the request."
Dr. Pounder continued: "In the judgment, the Court of Appeal has interpreted
the 'may' in section 7(9) of the Act to claim a general and untrammelled
discretion not to enforce the right of access. By contrast, the 1995
Directive requires Member States to guarantee the right of access - this
means that the 'may' must be narrowly constructed". Dr Pounder concluded
"One cannot have a requirement to guarantee rights of access on the one hand
and have the courts having wide discretion not to back up the guarantee on
the other. There is a major inconsistency here."
In relation to the Court of Appeal decision itself, Dr. Pounder said that
there were several major problems with the reasoning displayed in the
judgment. Dr. Pounder said "In our analysis we show that all the arguments
that have been used to narrow the scope of personal data are based on a
misunderstanding of the provisions of the Act, and/or of its predecessor,
the Data Protection Act 1984. In one case, the reasons given by the Court of
Appeal for its judgment directly contradicts the reason the Government gave
Parliament when it enacted the legislation. This fact is plain to see in the
Parliamentary record published in Hansard".
Dr Pounder said "It is interesting to note that it was the discretion last
issue which unlocked Mr. Durant's route to the Court of Appeal. By
challenging discretion successfully, Mr. Durant was able to raise doubts on
the more substantive issues. History could now repeat itself"
Dr. Pounder concluded: "Without the discretion point, the arguments for
compliance or non-compliance are not clear cut and, on their own, might even
not be worth exploring. However, given that the court's interpretation of
its discretion to order a data controller to give access is, in our view,
wholly non-compliant with the objectives of the 1995 Directive, it could be
that this is the issue which brings the whole of the UK's implementation
into sharp focus".
Dr. C.N.M. Pounder
Consultant & Editor of Data Protection & Privacy Practice Information &
Technology Group Masons - International Law Firm
DDI: +44(0)20 7490 6605
Fax: +44(0)20 7490 2545
E-mail: [log in to unmask]
Post-mail: 30 Aylesbury Street, London EC1R 0ER, UK www.masons.com
www.out-law.com
If you have received this e-mail in error, do not use the contents of the
e-mail or disclose it to any other person. Please notify us by reply, or
telephone our London office on +44 (0) 20 7490 4000, and then delete the
e-mail. We believe, but do not warrant, that this e-mail and its attachments
are virus-free, but you should check. Masons may monitor traffic data of
both business and personal e-mails. By replying to this e-mail, you consent
to Masons' monitoring the content of any e-mails you send to or receive from
Masons. Masons is not liable for any opinions expressed by the sender where
this is a non-business e-mail.
Masons is an international law firm with offices in London, Bristol,
Edinburgh, Glasgow, Leeds, Manchester, Brussels, Hong Kong, Shanghai and
Singapore. Further information about the firm and a list of partners are
available for inspection at 30 Aylesbury Street, London EC1R 0ER or from our
web site at www.masons.com. Each of our offices is regulated by the relevant
local law society.
This e-mail has been scanned for all viruses by Star Internet using
MessageLabs SkyScan services. For more information visit: www.star.net.uk.
____________________________________________________________________________
_____________
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
http://www.jiscmail.ac.uk/help/commandref.htm
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
http://www.jiscmail.ac.uk/help/commandref.htm
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
NOTICE AND DISCLAIMER:
This email (including attachments) is confidential. If you have received
this email in error please notify the sender immediately and delete this
email from your system without copying or disseminating it or placing any
reliance upon its contents. We cannot accept liability for any breaches of
confidence arising through use of email. Any opinions expressed in this
email (including attachments) are those of the author and do not necessarily
reflect our opinions. We will not accept responsibility for any commitments
made by our employees outside the scope of our business. We do not warrant
the accuracy or completeness of such information.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
http://www.jiscmail.ac.uk/help/commandref.htm
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
