In message <002401c3ea5e$acc51b50$21a19ed9@HCERT001>, Andrew Cormack
<[log in to unmask]> writes
>My take on it is that the EC Directive (2002/58/EC) that the privacy
>regs implement is supposed to explain how Data Protection principles
>apply to electronic communications. So even if spamming an address like
>[log in to unmask] is legal within the words of the Privacy Regs,
>there has to be a strong presumption that Data Protection has been
>breached, 'cos that e-mail address is personal data no matter whether I
>pay for the bit after the @ sign or not. Or am I applying too much of
>this "common sense" stuff ???
I think (MRD applies) that the APIG spam report covers much of this
rather well. See paras 32-45. Especially the discussion of the very
narrow situation of permissible B2B unsolicited emails:
They should be of interest to the *business* not the *individual*, and
an *individual's* email address should not be emailed if it was
"harvested", even if the email address is @a-business.
http://www.apig.org.uk/spam_report.pdf
My original evidence is at:
http://www.apig.org.uk/rolandperryevidence.pdf
>2002/58/EC and 97/66/EC don't extend
>the data protection rules set out in 95/46/EC, they simply clarify its
>application to a particular set of circumstances.
Further, 2002/58/EC and 97/66/EC can impose *extra* restrictions on how
data is processed, but cannot *relax* any of the requirements of
95/46/EC.
--
Roland Perry
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
http://www.jiscmail.ac.uk/help/commandref.htm
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
