"What we have done is put a leaflet in payslips and asked for consent and anyone who objected had to phone and their name would be taken off the list being given to the third parties" I'm sorry but that is not consent. Silence cannot be deemed to be consent or an implication of consent. If I do not phone and end up on the list I have not given consent. I'm afraid the only "safe" way to do this is to ask staff to "opt in" i.e. reply saying that they wish to be on the list, and those that do not reply are left off the list. A situation exactly like this was the first DP related issue I ever dealt with.... Simon Howarth. -----Original Message----- From: This list is for those interested in Data Protection issues [mailto:[log in to unmask]] On Behalf Of Broom, Doreen Sent: 12 October 2005 11:29 To: [log in to unmask] Subject: Re: DP Breach Funnily enough, we are going through this very process with two companies. What we have done is put a leaflet in payslips and asked for consent and anyone who objected had to phone and their name would be taken off the list being given to the third parties. What we also did was get the other two companies to sign up to our confidentiality statement and in that it states that if they disclosed to other parties they would be liable. Doreen Broom Access to Information Officer Scottish Borders Council Tel: 01835 826516 Fax: 01835 825059 -----Original Message----- From: This list is for those interested in Data Protection issues [mailto:[log in to unmask]] On Behalf Of Tim Turner Sent: 12 October 2005 11:24 To: [log in to unmask] Subject: Re: DP Breach An organisation doesn't have a right to market to its employees, especially not at their homes, unless it has informed them in advance that marketing will happen and at least sorted out some way of ensuring that those who don't want to receive marketing can opt out. I think the IC would expect people to be asked to opt-in. An organisation can't differentiate between one type of marketing and another purely on the basis that something is an "employee benefit" - if a service is being marketed and promoted, and addresses of staff are passed to the third party company who (presumably) make a profit on the sale of the service, then the normal rules for obtaining proper consent in order to do marketing should be observed. The world won't end if the proper rules aren't followed, but this doesn't mean that it isn't a breach. It is. Tim Turner Data Protection Officer Wigan Council > ---------- > From: Casillas, Mojgan[SMTP:[log in to unmask]] > Reply To: Casillas, Mojgan > Sent: 12 October 2005 09:56 > To: [log in to unmask] > Subject: [data-protection] DP Breach > > A while ago I posted a query re direct marketing. Thanks for the replays. > > > A few days ago I mailed the individual involved and informed them of > the breach. Below is the response I got. I'm still 100% confident of > the breach, I even checked with ICO but due to my lack of experience > with DP I'm not sure as to how to reply. Can anyone give some advise > on the matter. > > Thanks in advance > > Mojgan > > Whilst I can see where you are coming from with the issue of the packs > for HCI, the marketing document was a <?xml:namespace prefix = st1 ns > = "urn:schemas-microsoft-com:office:smarttags" />College document as > evidenced by our name being on the pack cover and the letters with our > letter head and signature by X. Also Y are providing the computers on > our behalf. They are college PC's. I was given assurances from Y > that no other use of the addresses would be made and that they would > be destroyed following the mail-shot. Staff had been made aware via > e-mail, the intranet and through the staff benefits leaflet, that we > were launching this scheme. As this was a benefit for all staff and Y > had the mechanisms to distribute quickly and at no cost to the College > it was felt the best route to take. I do not believe that we have breached DP legislation. > Had we issued addresses to a company to market their own product then > I would have agreed with you.<?xml:namespace prefix = o ns = > "urn:schemas-microsoft-com:office:office" /> > > ********************************************************************** > This email and any files transmitted with it are confidential and > intended solely for the use of the individual or entity to whom they > are addressed. If you have received this email in error please notify > the system manager. > > This footnote also confirms that this email message has been swept by > MIMEsweeper for the presence of computer viruses. > > www.clearswift.com > ********************************************************************** > > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ > All archives of messages are stored permanently and are > available to the world wide web community at large at > http://www.jiscmail.ac.uk/lists/data-protection.html > If you wish to leave this list please send the command > leave data-protection to [log in to unmask] > All user commands can be found at : - > http://www.jiscmail.ac.uk/help/commandref.htm > Any queries about sending or receiving message please send to the list > owner > [log in to unmask] > (all commands go to [log in to unmask] not the list please) > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ All archives of messages are stored permanently and are available to the world wide web community at large at http://www.jiscmail.ac.uk/lists/data-protection.html If you wish to leave this list please send the command leave data-protection to [log in to unmask] All user commands can be found at : - http://www.jiscmail.ac.uk/help/commandref.htm Any queries about sending or receiving message please send to the list owner [log in to unmask] (all commands go to [log in to unmask] not the list please) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ PLEASE NOTE: THE ABOVE MESSAGE WAS RECEIVED FROM THE INTERNET. On entering the GSi, this email was scanned for viruses by the Government Secure Intranet (GSi) virus scanning service supplied exclusively by Energis in partnership with MessageLabs. Please see http://www.gsi.gov.uk/main/notices/information/gsi-003-2002.pdf for further details. In case of problems, please call your organisational IT helpdesk ******************************************************************** * This email is privileged, confidential and subject to copyright. * * Any unauthorised use or disclosure of its content is prohibited. * * The views expressed in this communication may not necessarily * * be the views held by Scottish Borders Council. * * Please be aware that any email sent or received by the Council * * may require to be disclosed by the Council under the provisions * * of the Freedom of Information (Scotland) Act 2002. * ******************************************************************** ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ All archives of messages are stored permanently and are available to the world wide web community at large at http://www.jiscmail.ac.uk/lists/data-protection.html If you wish to leave this list please send the command leave data-protection to [log in to unmask] All user commands can be found at : - http://www.jiscmail.ac.uk/help/commandref.htm Any queries about sending or receiving message please send to the list owner [log in to unmask] (all commands go to [log in to unmask] not the list please) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ All archives of messages are stored permanently and are available to the world wide web community at large at http://www.jiscmail.ac.uk/lists/data-protection.html If you wish to leave this list please send the command leave data-protection to [log in to unmask] All user commands can be found at : - http://www.jiscmail.ac.uk/help/commandref.htm Any queries about sending or receiving message please send to the list owner [log in to unmask] (all commands go to [log in to unmask] not the list please) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^