JISCMail - DATA-PROTECTION Archives

Section 29 (3) is for the benefit of the supplier, not the requestor.

For example

Chris, under Section 29(3) please supply to me your full name, address,
make of car as I think you hit mine in the car park.

You would say, no (I hope) why? Because its none of my Business - in
this instance business is determined by the statutory powers of the
requestor, they must, therefore have powers which is not Section 29(3)
e.g. Police Act, Common law? Proceeds of Crime Act, on the direction of
the Coroner, Children Act 2004 etc etc

Anyone who asks for personal data under Section 29(3) gets "what are you
statutory powers?"

It is for the supplier to consider 29(3) not the requestor.

Regards


Paul

-----Original Message-----
From: This list is for those interested in Data Protection issues
[mailto:[log in to unmask]] On Behalf Of Kate McGinlay
Sent: 23 November 2006 15:46
To: [log in to unmask]
Subject: Re: [data-protection] Data Protection Act - Section 29 <fwd>


--- Begin Forwarded Message ---

Date: Thu, 23 Nov 2006 15:45:09 +0000
From: [log in to unmask]
Subject: RE: Data Protection Act - Section 29
Sender: [log in to unmask]
To: Chris Brogan <[log in to unmask]>
Reply-To: [log in to unmask]
Message-ID: <[log in to unmask]>


Wow! Chris that is really informative. What about Local authorities and
authorities who farm out the fraud detection roles the third party 
investigative companies. Could you argue that even with the defences of
section 29, an organisation could be in breach by collecting such data,
or processing such data for another purpose like this?

How widespread is it, and should this worry the average man in the 
street, that ACME investigations has their file. Even if they are using
their powers supposedly for fraud. Is there not a real risk that by 
giving personal data to persons who are totally unqualified to conduct 
an investigative function could easily clone such identities. Is it 
therefore not a massive risk to give out data to organisations under 
section 29, so that as Chris says we must only deal with Police.

What then happens to all of these agencies who are set up, presumably 
to save Police time shuffling paper?

Best wishes to all

Legal Compliance 
King's College London


On Thu, 23 Nov 2006 15:36:56 -0000 Chris Brogan 
<[log in to unmask]> wrote:

> Many non police organizations conduct criminal investigations. The 
> recommended skills for Private Investigators include conduct of 
> criminal investigations. The British retail Crime association advise 
> their members on criminal investigations. Civilian powers of arrest 
> have recently been reviewed. Telecom companies conduct their own 
> investigations and then present their evidence to the police. Royal 
> Mail with no more authority than the man in the street conduct their 
> own criminal investigations and prosecutions. There are many more 
> examples. Should you respond to a section 29 request from them? Now 
> that is a tricky one. If it goes pear shaped where does that leave 
> you? If a private investigator makes a section 29 request I suggest 
> you ask why he is doing it. Shouldn't it be the Data controller his 
> client? If he makes the request without the sanction of his client has

> he now determined that processing and taken on the mantle of Data 
> Controller? If he has which condition in schedule 2 has he satisfied? 
> If as I suspect he hasn't then surely there is a breach of DPA at 
> least Principle 1, probably 2, could argue a breach of 6, most 
> certainly 7? If you respond in these circumstances are you being 
> reckless? Would this be a section 55 offence? If Richard Thomas gets 
> his way and this happens in 2 years time could you end up in the pokey

> for 2 years. Who said DP was boring? May I suggest that you only 
> respond to law enforcement section 29 requests.
> 
> Chris Brogan
> Managing Director
> Security International Ltd
> 130 St Johns Road, Isleworth, Middlesex TW7 6PL, UK
> Tel:  +44 20 8847 2111  Fax:  +44 20 8847 1852
> Registered in England & Wales No. 1322074
> Registered Office:  11 Loveday Road, London W13 9JT
> www.securitysi.com 
> -----Original Message-----
> From: This list is for those interested in Data Protection issues
> [mailto:[log in to unmask]] On Behalf Of Legal Compliance
at
> KCL
> Sent: 23 November 2006 14:46
> To: [log in to unmask]
> Subject: Data Protection Act - Section 29
> 
> Dear all,
> 
> I was wondering if many of the other organisations often receive 
> requests under section 29 of the DPA.
> 
> If so, I would just like to see what your views are, and whether you 
> feel this moves some of the administrative burden for criminal 
> investigations
> 
> onto the public sector. How appropriate do you feel this is, that
> certain 'low level' investigations are undertaken by persons who have 
> otherwise nothing to do with the Police (I hope).
> 
> Best wishes
> 
> Legal Compliance
> 
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>        All archives of messages are stored permanently and are
>       available to the world wide web community at large at
>       http://www.jiscmail.ac.uk/lists/data-protection.html
>       If you wish to leave this list please send the command
>        leave data-protection to [log in to unmask]
>             All user commands can be found at : -
>         http://www.jiscmail.ac.uk/help/commandref.htm
> Any queries about sending or receiving message please send to the list

> owner
>               [log in to unmask]
>        To receive these emails in HTML format send the command:
>          SET data-protection HTML to [log in to unmask]
>   (all commands go to [log in to unmask] not the list please)
>    ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> 
> 
> 
> 

----------------------
 
[log in to unmask]

--- End Forwarded Message ---


----------------------
 
[log in to unmask]

^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
       All archives of messages are stored permanently and are
      available to the world wide web community at large at
      http://www.jiscmail.ac.uk/lists/data-protection.html
      If you wish to leave this list please send the command
       leave data-protection to [log in to unmask]
            All user commands can be found at : -
        http://www.jiscmail.ac.uk/help/commandref.htm
Any queries about sending or receiving message please send to the list
owner
              [log in to unmask]
       To receive these emails in HTML format send the command:
         SET data-protection HTML to [log in to unmask]
  (all commands go to [log in to unmask] not the list please)
   ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

_______________________________________________________________________
Leicestershire County Council - rated a  'four-star' council by the Audit Commission
_______________________________________________________________________


This e-mail and any files transmitted with it are confidential. If you are not the intended recipient, any reading, printing, storage, disclosure, copying or any other action taken in respect of this e-mail is prohibited and may be unlawful. If you are not the intended recipient, please notify the sender immediately by using the reply function and then permanently delete what you have received.

Incoming and outgoing e-mail messages are routinely monitored for compliance with Leicestershire County Council's policy on the use of electronic communications.   The contents of e-mails may have to be disclosed to a request under the Data Protection Act 1998 and the Freedom of Information Act 2000.

The views expressed by the author may not necessarily reflect the views or policies of the Leicestershire County Council.

Attachments to e-mail messages may contain viruses that may damage your system. Whilst Leicestershire County Council has taken every reasonable precaution to minimise this risk, we cannot accept any liability for any damage which you sustain as a result of these factors. You are advised to carry out your own virus checks before opening any attachment.

^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
       All archives of messages are stored permanently and are
      available to the world wide web community at large at
      http://www.jiscmail.ac.uk/lists/data-protection.html
      If you wish to leave this list please send the command
       leave data-protection to [log in to unmask]
            All user commands can be found at : -
        http://www.jiscmail.ac.uk/help/commandref.htm
Any queries about sending or receiving message please send to the list owner
              [log in to unmask]
       To receive these emails in HTML format send the command:
         SET data-protection HTML to [log in to unmask]
  (all commands go to [log in to unmask] not the list please)
   ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^