JISCMail - DATA-PROTECTION Archives

We just tend to send out to the address given.  Only time we ask for anything is if a solicitor writes in on behalf of a client - then we ask for a signed letter from the client agreeing to the solicitor making the request.
D

-----Original Message-----
From: This list is for those interested in Data Protection issues [mailto:[log in to unmask]] On Behalf Of Nigel Roberts
Sent: 27 July 2006 12:35
To: [log in to unmask]
Subject: Re: SAR ID Verification

Tim:

I usually agree with you, but I don't agree this is right. Any fool can 
make a forgery of a utility bill with a computer and a scanner.

It's all about proportionality. I would argue that it is 
disproportionate for a company to require the same documents that are 
required to open a bank account, to do an SAR on a company with which 
one has an established relationship. The fact you are writing to them 
from the address they have on file should be entirely sufficent, 
provided the results of the SAR are to be sent to the same address.

On the other hand, some SARs, perhaps for sensitive data in connection 
with (e.g.) your criminal record, if any.

For example my own rather banal criminal record consists of a guilty 
plea to a minor speeding offence and a £60 quid fine. This would 
otherwise have been dealy with by fixed penalty notice except my licence 
is issued by Guernsey, not Swansea (It is probably spent by now anyway - 
it was 4 years or more ago).

Nonethless, in order to make an SAR on sensitive data, I would think it 
entirely appropriate to be required to present myself with a passport, 
photo driving licence or birth certificate IN PERSON at my local nick.

One size does not fit all IMO


Nigel
-



Tim Trent wrote:
> I don't mean this to be a banal answer.  I fear it may sound it, for which I
> apologise.
> 
> The answer is really a question:  "If you were requesting this information,
> what documents of proof would you expect to be asked for in order to prove
> that you were entitled to receive the information?  How would you wish for
> your own identity to be protected?"
> 
> I suspect you will come down to items like a letter from a utility (but not
> mobile phone) addressed to you, a copy of a driving licence at the same
> address, etc.
> 
> Tim Trent - Consultant
> Direct: +44(0)1344 392644 Mobile:+44(0)7710 126618
> email: [log in to unmask]
> Marketing Improvement Limited, Abbey House, Grenville Place, Bracknell,
> United Kingdom, RG12 1BP
> http://www.marketingimprovement.com
> 
>  
>   
> 
> Important: This mail contains proprietary information some or all of which
> may be legally privileged. It is for the intended recipient only. If an
> addressing or transmission error has misdirected this email, please notify
> the author by replying to this email. if you are not the intended recipient
> you must not use, disclose, distribute, copy, print or rely on this email.
> If you are not the named recipient please notify us immediately.  This email
> and any attachment(s) are believed to be virus-free, but it is the
> responsibility of the recipient to make all the necessary virus checks. This
> email and any attachments to it are copyright of Marketing Improvement
> Limited unless otherwise stated. Their copying, transmission, reproduction
> in whole or in part may only be undertaken with the express permission, in
> writing, of Marketing Improvement Limited.
> 
>  
> 
> -----Original Message-----
> From: This list is for those interested in Data Protection issues
> [mailto:[log in to unmask]] On Behalf Of Preston, Catherine
> Sent: 27 July 2006 12:41
> To: [log in to unmask]
> Subject: [data-protection] SAR ID Verification
> 
> Hi everyone.
> 
> If someone makes a subject access request to you, what verification
> documents do you ask for to identify the data subject. If you ask for
> official documents (i.e. passport/driving licence etc) do you accept
> photocopies being submitted or only the original? Or do you just accept the
> name and address on the letter? 
> 
> Many Thanks
> Catherine
> 
> 
> ****************************************************************************
> *******
> Parking in Westminster is easier with our ParkRight guide.  It explains how
> to park, where to park and includes a useful map of zone one.  For your free
> copy call Parking Services on (020) 7823 4567 or visit
> www.westminster.gov.uk/parking/
> 
> ****************************************************************************
> *******
> Westminster City Council switchboard: +44 20 7641 6000
> www.westminster.gov.uk
> ****************************************************************************
> *******
> This E-Mail may contain information which is privileged, confidential and
> protected from disclosure. 
> If you are not the intended recipient of this E-mail or any part of it,
> please telephone Westminster City Council immediately on receipt.
> You should not disclose the contents to any other person or take copies.
> ****************************************************************************
> *******
> 
> 
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>        All archives of messages are stored permanently and are
>       available to the world wide web community at large at
>       http://www.jiscmail.ac.uk/lists/data-protection.html
>       If you wish to leave this list please send the command
>        leave data-protection to [log in to unmask]
>             All user commands can be found at : -
>         http://www.jiscmail.ac.uk/help/commandref.htm
> Any queries about sending or receiving message please send to the list owner
>               [log in to unmask]
>   (all commands go to [log in to unmask] not the list please)
>    ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> 
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>        All archives of messages are stored permanently and are
>       available to the world wide web community at large at
>       http://www.jiscmail.ac.uk/lists/data-protection.html
>       If you wish to leave this list please send the command
>        leave data-protection to [log in to unmask]
>             All user commands can be found at : -
>         http://www.jiscmail.ac.uk/help/commandref.htm
> Any queries about sending or receiving message please send to the list owner
>               [log in to unmask]
>   (all commands go to [log in to unmask] not the list please)
>    ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> 

^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
       All archives of messages are stored permanently and are
      available to the world wide web community at large at
      http://www.jiscmail.ac.uk/lists/data-protection.html
      If you wish to leave this list please send the command
       leave data-protection to [log in to unmask]
            All user commands can be found at : -
        http://www.jiscmail.ac.uk/help/commandref.htm
Any queries about sending or receiving message please send to the list owner
              [log in to unmask]
  (all commands go to [log in to unmask] not the list please)
   ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

PLEASE NOTE: THE ABOVE MESSAGE WAS RECEIVED FROM THE INTERNET.
On entering the GSI, this email was scanned for viruses by the Government Secure Intranet (GSi) virus scanning service supplied exclusively by Cable & Wireless in partnership with MessageLabs.
In case of problems, please call your organisational IT Helpdesk.
The MessageLabs Anti Virus Service is the first managed service to achieve the CSIA Claims Tested Mark (CCTM Certificate Number 2006/04/0007), the UK Government quality mark initiative for information security products and services.  For more information about this please visit www.cctmark.gov.uk


********************************************************************
* This email is privileged, confidential and subject to copyright. *
* Any unauthorised use or disclosure of its content is prohibited. *
* The views expressed in this communication may not necessarily    *
* be the views held by Scottish Borders Council.                   *
* Please be aware that any email sent or received by the Council   *
* may require to be disclosed by the Council under the provisions  *
* of the Freedom of Information (Scotland) Act 2002.               *
********************************************************************

^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
       All archives of messages are stored permanently and are
      available to the world wide web community at large at
      http://www.jiscmail.ac.uk/lists/data-protection.html
      If you wish to leave this list please send the command
       leave data-protection to [log in to unmask]
            All user commands can be found at : -
        http://www.jiscmail.ac.uk/help/commandref.htm
Any queries about sending or receiving message please send to the list owner
              [log in to unmask]
  (all commands go to [log in to unmask] not the list please)
   ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^