For public authorities, you look at the FoIA guidance at
http://www.informationcommissioner.gov.uk/eventual.aspx?id=77
On personal information and on confidence
Note in particular the distinction between public lives and private lives.
Public authorities are expected to be accountable for their actions.
Mike
> From: Duncan Smith <[log in to unmask]>
> Reply-To: Duncan Smith <[log in to unmask]>
> Date: Wed, 20 Oct 2004 15:13:23 +0100
> To: <[log in to unmask]>
> Subject: Re: Consent
>
> ----------------------------------------------------------------
> The information transmitted is intended only for the person or entity to
> which it is addressed and may contain confidential and/or privileged
> material. Any review, retransmission, dissemination or other use of, or
> taking of any action in reliance upon, this information by persons or
> entities other than the intended recipient is prohibited. If you received
> this in error, please contact the sender and delete the material from any
> computer.
>
> The information contained in this correspondence is not intended as legal
> advice or counsel, and is not represented as such by the sender. iCompli
> Ltd. makes no warranties or statements regarding the legal acceptability of
> the information presented in this correspondence. Any actions performed as
> a result of this information are of the recipient's own choosing.
> ----------------------------------------------------------------------------
> -------------------
>
>
>
> Chris, your comment ...
>
> "The promotions board are not third parties, they are clearly acting on
> behalf of the data controller as either employees or agents, so the have no
> way of hiding behind confidentiality"
>
> ... may not be correct.
>
> To my knowledge neither the common law of confidentiality nor the requisite
> parts of the Data Protection Act 1998 are over-ruled by consideration of who
> is, and is not, the data controller.
>
> If an individual puts in a SAR to a data controller, who in meeting their
> legal obligations may disclose information about any third party i.e. not
> the data subject, then great care should be taken to understand what consent
> is in place to disclose, and what implications disclosure (or otherwise)
> would have on both the requestor and the third party.
>
> So yes I could "hide behind confidentiality", and indeed may wish to do so
> for very valid e.g. personal safety, reasons. Although I'm not suggesting
> that is the case in the scenario Gwenan put forward.
>
>
> Regards,
>
> Duncan S Smith
> Managing Director
> iCompli Limited Northampton UK
> T: 08707 70 48 66 F: 08707 70 48 69 M: 07775 56 81 80
> Mailto:[log in to unmask] Web: www.icompli.co.uk
> "Compliance in your language"
>
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> All archives of messages are stored permanently and are
> available to the world wide web community at large at
> http://www.jiscmail.ac.uk/lists/data-protection.html
> If you wish to leave this list please send the command
> leave data-protection to [log in to unmask]
> All user commands can be found at : -
> http://www.jiscmail.ac.uk/help/commandref.htm
> (all commands go to [log in to unmask] not the list please)
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
http://www.jiscmail.ac.uk/help/commandref.htm
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
