No-one can disagree with that at all. It is a statutory limit. The point I think people are making (I know I am) is that it takes a complaint to invoke TICO. Thus, if 40 days is for any reason unhittable a decent, open and frank explanation is likely to stop the potential complaint from happening. Unless, of course, it is a "wilful and malicious SAR" in the first place. Tim Trent - Consultant Direct: +44(0)1344 392644 Mobile:+44(0)7710 126618 email: [log in to unmask] Marketing Improvement Limited, Abbey House, Grenville Place, Bracknell, United Kingdom, RG12 1BP http://www.marketingimprovement.com This message is for the intended addressee's use only. It may contain confidential, proprietary or legally privileged information. No confidentiality or privilege is waived or lost by any mis-transmission. If you receive this message in error, please immediately delete it and all copies of it from your system, destroy any hard copies of it and notify the sender. You must not, directly or indirectly, use, disclose, distribute, print, or copy any part of this message if you are not the intended recipient. Any views expressed in this message are those of the individual sender, except where the message states otherwise and the sender is authorised to state them to be the views of any such entity. -----Original Message----- From: This list is for those interested in Data Protection issues [mailto:[log in to unmask]] On Behalf Of Atkinson, C. Sent: Tuesday, October 05, 2004 1:38 PM To: [log in to unmask] Subject: Re: [data-protection] [Maybe Spam] Re: [data-protection] Third party response conse nt. Was - RE: SAR and compliance calendar days You may wish to review your procedures. Whilst the ICO is quite understanding of the position, the 40 day limit is unconditional. The advice I was given by the ICO was that 'there are no circumstances which may be quoted in mitigation for any Subject Access Request to go beyond the forty days allowed for satisfaction'. Colin Atkinson Data Protection Officer University of Leicester -----Original Message----- From: This list is for those interested in Data Protection issues [mailto:[log in to unmask]]On Behalf Of Broom, Doreen Sent: 05 October 2004 10:26 To: [log in to unmask] Subject: Re: [Maybe Spam] Re: [data-protection] Third party response conse nt. Was - RE: SAR and compliance calendar days ***** This email was sent via the INTERNET ***** Exactly what we do Brenda - common-sense. Nobody is going to go berserk even the ICO if you have a reasonable explanation. I have one at the moment which goes back to an agreement 30 years ago and we are having difficulty in locating information but we are keeping the individual aware of the situation and they are very understandable. Doreen -----Original Message----- From: Scourfield, Brenda [SMTP:[log in to unmask]] Sent: 05 October 2004 09:29 To: [log in to unmask] Subject: Re: [Maybe Spam] Re: [data-protection] Third party response conse nt. Was - RE: SAR and compliance calendar days ***** This email was received from the INTERNET ***** We supply all that we can as soon as we can.If it's a particularly contentious case we start the ball rolling before we have the form returned with the fee. We wait until we have as much data as possible and send it all out together. If it looks like it's going to go over the 40 days for some data - 3rd party consent to obtain or whatever, we write to the Data Subject explaining this and the reason why. Once a Data Subject came back and said 'What about my data in such and such department'. We supplied this with a suitable apologetic letter. Brenda Scourfield Team Leader I.T. Division Pembrokeshire County Council County Hall Haverfordwest SA61 1 TP Tel 01437 775380 > -----Original Message----- > From: Roland Perry [SMTP:[log in to unmask]] > Sent: 05 October 2004 09:18 > To: [log in to unmask] > Subject: [Maybe Spam] Re: [data-protection] Third party response > consent. Was - RE: SAR and compliance calendar days > > In message <000f01c4aa04$28e8e800$5b3468d5@ntlworld>, at 12:20:25 on > Mon, 4 Oct 2004, Ian Welton <[log in to unmask]> writes > >There is also no existing mechanism which would require a data controller > to > >take any action in following up any third party enquiries (The 40 days > and > >40 nights have passed, the SAR file is closed). > > Can I follow up this aspect of the discussion? > > What are you expecting to happen to a SAR when the data controller is > simply too busy or disorganised to reply within 40 days? (I've had that > happen to the one and only SAR I've issued, and the Data Controller was > the Met Police). > > Are you saying that all they should do is give up at the 40 days and say > "so sue me", rather than struggle on and get the data sorted out in 45 > days (which is what happened in my case)? > -- > Roland Perry > > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ > All archives of messages are stored permanently and are > available to the world wide web community at large at > http://www.jiscmail.ac.uk/lists/data-protection.html > If you wish to leave this list please send the command > leave data-protection to [log in to unmask] > All user commands can be found at : - > http://www.jiscmail.ac.uk/help/commandref.htm > (all commands go to [log in to unmask] not the list please) > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ **************************************************************************** ********************************** This document should only be read by those persons to whom it is addressed, and be used by them for its intended purpose; and must not otherwise be reproduced, copied, disseminated, disclosed, modified, distributed, published or actioned. If you have received this email in error, please notify us immediately by telephone on 01437 775882 and delete it from your computer immediately. This email address must not be passed on to any third party nor be used for any other purpose. Pembrokeshire County Council Website - http://www.pembrokeshire.gov.uk This signature also confirms that this email message has been swept for the presence of computer viruses and malicious code. **************************************************************************** *********************************** Dim ond y sawl y mae'r ddogfen hon wedi'i chyfeirio atynt ddylai ei darllen, a'i defnyddio ganddynt ar gyfer ei dibenion bwriadedig; ac ni ddylid fel arall ei hatgynhyrchu, copio, lledaenu, datgelu, addasu, dosbarthu, cyhoeddi na'i rhoi ar waith chwaith. Os ydych chi wedi derbyn yr e-bost hwn trwy gamgymeriad, byddwch cystal a rhoi gwybod i ni ar unwaith trwy ffonio 01437 775882 a'i ddileu oddi ar eich cyfrifiadur ar unwaith. Ni ddylid rhoi'r cyfeiriad e-bost i unrhyw drydydd parti na'i ddefnyddio ar gyfer unrhyw ddiben arall chwaith. Gwefan Cyngor Sir Penfro - http://www.pembrokeshire.gov.uk Mae'r llofnod hwn hefyd yn cadarnhau bod y neges e-bost hon wedi cael ei harchwilio am fodolaeth firysau cyfrifiadurol a chod maleisus. **************************************************************************** *********************************** ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ All archives of messages are stored permanently and are available to the world wide web community at large at http://www.jiscmail.ac.uk/lists/data-protection.html If you wish to leave this list please send the command leave data-protection to [log in to unmask] All user commands can be found at : - http://www.jiscmail.ac.uk/help/commandref.htm (all commands go to [log in to unmask] not the list please) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ ******************************************************************** * This email is privileged, confidential and subject to copyright. * * Any unauthorised use or disclosure of its content is prohibited. * * The views expressed in this communication may not necessarily * * be the views held by Scottish Borders Council. * ******************************************************************** ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ All archives of messages are stored permanently and are available to the world wide web community at large at http://www.jiscmail.ac.uk/lists/data-protection.html If you wish to leave this list please send the command leave data-protection to [log in to unmask] All user commands can be found at : - http://www.jiscmail.ac.uk/help/commandref.htm (all commands go to [log in to unmask] not the list please) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ All archives of messages are stored permanently and are available to the world wide web community at large at http://www.jiscmail.ac.uk/lists/data-protection.html If you wish to leave this list please send the command leave data-protection to [log in to unmask] All user commands can be found at : - http://www.jiscmail.ac.uk/help/commandref.htm (all commands go to [log in to unmask] not the list please) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ All archives of messages are stored permanently and are available to the world wide web community at large at http://www.jiscmail.ac.uk/lists/data-protection.html If you wish to leave this list please send the command leave data-protection to [log in to unmask] All user commands can be found at : - http://www.jiscmail.ac.uk/help/commandref.htm (all commands go to [log in to unmask] not the list please) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^