JISCMail - DATA-PROTECTION Archives

Martin,

I find it a concern that you hold the view that a subject access request
is a "gift that keeps on giving".

As a data controller, you accept the resposibility to supply a data subject
with all personal data you have gathered on them at their request.

If the procedures in your organisation mean there is high cost to retriving
this information, then surely, there must be:

1). High cost gathering this information

and/or

2). No purpose for retaining data that is costly for the business to obtain.


It appears to me that certain members of the Data Protection community feel
that it is up to them who can/cannot see their own data.
Isn't it the case that a data protection managers role is simply to implement
policy in line with current legislation and facilitate the release of data
in accordance with this?

"Perhaps the data controllers really are the masters now!!"

Data controllers do not own the data they are responsible for. Please remember
that.

Carl


>-- Original Message --
>Date:         Fri, 12 Dec 2003 10:49:57 -0000
>Reply-To:     Martin Hoskins <[log in to unmask]>
>From:         Martin Hoskins <[log in to unmask]>
>Subject: Re: [data-protection] DURANT DECISION NARROWS SCOPE OF DATA PROTECTION
>IN UK
>To:           [log in to unmask]
>
>
>Having read the decision, I have to say its not often that the courts accept
that data controllers have legitimate interests, that need to be balanced
with those of private individuals. I have seen too many private individuals
feel that the DPA enti
>les them to impose very significant compliance
burdens on data controllers, and the costs of compliance are occasionally
wholly disproportionate to the grievance at hand.

Without referring to this litigant personally, may I comment that its nice

>hat the courts were able to see what financial effect a company has to
incur when facing a barrage of requests from an individual who was unlikely
to have been satisfied with whatever the data controller had tried to do
to
meet his demands. I'm sure
>most of us have experienced this type of serial
complainant.

If nothing else, the judgment allows data controllers to adopt a more common
sense approach to dealing with subject access requests. It may be that data
controllers take a slightly wide
> view of the decision when responding to
requests, and provide information that is not just "personal data" within
the definition of the courts. That might make good business sense. It allows
data controllers to exercise a wider element of discretio
> than they may
have previously done.

So, its no longer true to claim that a Subject Access Request is just "
a
gift that keeps on giving".

Perhaps the data controllers really are the masters now!!

Happy Friday

Yours in the faith .......

>

Martin Hoskins
Data Protection Manager
T-Mobile (UK) Ltd
Hatfield Business Park
Hatfield, Hertfordshire AL10 9BW
+44 (0)7957 234585
+44 (0)1707 319056 fax



-----Original Message-----
From: Chris Spray [mailto:[log in to unmask]]
Sent: 12
>December 2003 09:42
To: [log in to unmask]
Subject: Re: DURANT DECISION NARROWS SCOPE OF DATA PROTECTION IN UK

I think this is certainly the way the DPA has been "sold" to the public
at
large.

Chris





Charles Christacopoul
>s <[log in to unmask]> on 11/12/2003
17:49:17

Please respond to Charles Christacopoulos <[log in to unmask]>

To:   [log in to unmask]
cc:    (bcc: Christopher Spray/Group Compliance/South East/RAC Motorin
>
      Services)

Subject:  Re: [data-protection] DURANT DECISION NARROWS SCOPE OF DATA
PROTECTION
      IN UK



** Reply to note from Ian Welton <[log in to unmask]>         Thu, 11
Dec
2003 17:33:11 -0000


> From a first quick rea
>ing of the decision, it has left me completely at a
> loss as to the effectiveness of the directives statement:- "shall protect
> the fundamental rights and freedoms of natural persons, and in particular
> their right to privacy with respect to the
>rocessing of personal data."
as
> it seems to redefine "informational privacy" by removing any protections
> provided for personal data from many areas of organisational life.  Whilst
> agreeing that some interpretations have been very loose, and s
>me
contextual
> focus is necessary, the judgement itself appears to provide a strict
> contextual focus which could then be implemented in other, less
appropriate
> contexts.

until the next judgment comes along :-)

I get the feeling from oth
>r responses that there is a general belief that
DP
was
created in order to protect privacy and not in order to enable flows of
infofrmation within a legal *and at the point of interpretation flexible*
framework.

I'll leave the rest for Friday.

>Charles




==============================================
Charles Christacopoulos, Management Information Officer,
Planning & Information, University of Dundee, Dundee, DD1 4HN,
Scotland, United Kingdom. Tel: 44(0)1382-344891. Fax: 44(0)1382-3
>8845.
http://www.somis.dundee.ac.uk/

^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
       All archives of messages are stored permanently and are
      available to the world wide web community at large at
      http://www.jisc
>ail.ac.uk/lists/data-protection.html
      If you wish to leave this list please send the command
       leave data-protection to [log in to unmask]
            All user commands can be found at : -
        http://www.jiscmail.ac.uk/help/comma
>dref.htm
  (all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^








http://www.rac.co.uk
http://www.racbusiness.co.uk
http://www.bsm.co.uk

Any  opinions  ex
>ressed  in  this  e-mail  are  those of the individual and
not
necessarily the company. This e-mail and any attachments are confidential
to
RAC
and/or BSM and are solely for use by the intended recipient.

If you are not the intended recipient yo
> must not disclose, copy or
distribute
its contents to any other person nor use its contents in any way.
If you have received this e-mail in error please forward a copy of this
e-mail
to "[log in to unmask]".

RAC Motoring Services: Registered E
>gland 1424399
VAT Reg No. GB 238640945
British School of Motoring: Registered England 291902
VAT Reg No. GB 239505847
Registered Office(s): 1 Forest Road, Feltham, TW 13 7RR

This e-mail and any attachments has been scanned for the presence of
c
>mputer
viruses. RAC/BSM accept no responsibility for computer viruses once this
e-mail
has been transmitted.

^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
       All archives of messages are stored permanently and are
      av
>ilable to the world wide web community at large at
      http://www.jiscmail.ac.uk/lists/data-protection.html
      If you wish to leave this list please send the command
       leave data-protection to [log in to unmask]
            All user
>ommands can be found at : -
        http://www.jiscmail.ac.uk/help/commandref.htm
  (all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^



 NOTICE AND DISCLAIMER:
This
>email (including attachments) is confidential.  If you have received
this email in error please notify the sender immediately and delete this
email from your system without copying or disseminating it or placing any
reliance upon its contents.  We c
>nnot accept liability for any breaches of
confidence arising through use of email.  Any opinions expressed in this
email (including attachments) are those of the author and do not necessarily
reflect our opinions.  We will not accept responsibility
>or any commitments
made by our employees outside the scope of our business.  We do not warrant
the accuracy or completeness of such information.


^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
       All archives of messages are
>stored permanently and are
      available to the world wide web community at large at
      http://www.jiscmail.ac.uk/lists/data-protection.html
      If you wish to leave this list please send the command
       leave data-protection to jiscmail@
>iscmail.ac.uk
            All user commands can be found at : -
        http://www.jiscmail.ac.uk/help/commandref.htm
  (all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>

^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
       All archives of messages are stored permanently and are
      available to the world wide web community at large at
      http://www.jiscmail.ac.uk/lists/data-protection.html
      If you wish to leave this list please send the command
       leave data-protection to [log in to unmask]
            All user commands can be found at : -
        http://www.jiscmail.ac.uk/help/commandref.htm
  (all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^