JISCMail - DATA-PROTECTION Archives

I don't disagree with any of your assertions, nor do I disagree with your
extrapolation of the terms in the directive.  The only problem is that by
introducing interpreted primary legislation rather than the directive itself, and
without a clause in the Act explaining the meanings of the two types of consent,
the only thing that courts can use in determining the meaning of "consent" is
UK case law.

Ian B

Ian Buckland
Managing Director
Keep IT Legal Ltd

Please Note: The information given above does not replace or negate the need
for proper legal advice and/or representation. It is essential that you do not
rely upon any advice given without contacting your solicitor.  If you need
further explanation of any points raised please contact Keep I.T. Legal Ltd at
the address below:

55 Curbar Curve
Inkersall, Chesterfield
Derbyshire  S43 3HP
(Reg 3822335)
Tel: 01246 473999
Fax: 01246 470742
E-mail: [log in to unmask]
Website: www.keepitlegal.co.uk

---------

In a message dated 16/04/05 01:48:18 GMT Daylight Time,
[log in to unmask] writes:


> The underlying directive refered to consent in two ways in Art 7 (relating
> to non sensitive data)  referenced 'unambiguous consent' as  one processing
> condition.  Art 7 became Schedule 2.
>
> Art 8 referenced special catagories of data, (the sensitive data
> catagories). Processing these catagories were prohibited unless exempted by
> one of the listed conditions in the Article. Here the required consent was
> defined as 'explict consent'.
>
> Subsequent debate and discussion concluded there had to be a difference
> between the two consent requirements. I believe the early OIC guidance
> discussed this in detail (Section 1.6 - The Data Protection Act 1998 - An
> Introduction). My recollection of the guide was that unambiguous consent
> needed clear notice of intended use to be delivered and a form of implied
> acceptance ie data subject chooses to provide the information after
> receiving notice of use (arguably a passive response).
>
> Explicit consent was more likely to need evidence of an active response,
> signifying data subject's acceptance of understanding and agreeing the data
> uses. Without this a data controller has the risk of being unable to defend
> legitimate processing if relying on consent.
>
> Legitimising sensitive data processing was, and continues to be, an area of
> debate. Whilst not relevant to the context of plagarism I recall Art 8
> section 3 relating to medical uses was one area where the UK Act was argued
> as permitting more than the directive permitted. (Compare the article to the
> relevant UK Act exemption).
>
> However it really down to data subjects to assert their rights in respect of
> lawaful processing- and its Friday,
>

^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
       All archives of messages are stored permanently and are
      available to the world wide web community at large at
      http://www.jiscmail.ac.uk/lists/data-protection.html
      If you wish to leave this list please send the command
       leave data-protection to [log in to unmask]
            All user commands can be found at : -
        http://www.jiscmail.ac.uk/help/commandref.htm
Any queries about sending or receiving message please send to the list owner
              [log in to unmask]
  (all commands go to [log in to unmask] not the list please)
   ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^