In message <[log in to unmask]>, at 09:02:22 on Fri, 5 Nov 2004, Chris Spray <[log in to unmask]> writes >I think the argument would run that if you tell everyone concerned that >you are keeping all emails and why, does that not cover you for >principles 1,2 and 5? The reason you are keeping them still has to be legitimate. TICO doesn't believe that keeping all comms data [related to who sent emails and when, not even content] is legitmate if the only reason is "so we can be nice to the police if they ask for something at some unspecified point in the future". Even if you tell all the customers that this is the case. However, other Regulatory requirements to keep emails will undoubtedly assist the Data Controller in making a case. But I think individual circumstances will dictate whether or not that case is watertight if (eg) they are keeping all emails because they need to have access to 0.01% of them for regulatory purposes. -- Roland Perry ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ All archives of messages are stored permanently and are available to the world wide web community at large at http://www.jiscmail.ac.uk/lists/data-protection.html If you wish to leave this list please send the command leave data-protection to [log in to unmask] All user commands can be found at : - http://www.jiscmail.ac.uk/help/commandref.htm (all commands go to [log in to unmask] not the list please) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^