But what powers do other organisations have to use s.29? Doesn't one still need powers to request the information in the first place? The police use the PACE Act and HMRC use powers under the Taxes Management Act. Surely the responsibility lies with the data controller to decide whether those powers are properly engaged before disclosing the data as s.29 does not enforce data controllers to disclose, it merely allows them to. If data controllers supply information to organisations for a civil action, what is the basis for disclosure? Perhaps s.35 but this is not compatible with s.29. Julie Gibbs From: This list is for those interested in Data Protection issues [mailto:[log in to unmask]] On Behalf Of Simon Howarth Sent: 08 December 2008 12:07 To: [log in to unmask] Subject: Re: [data-protection] FW: Fellow Thinkers Email In that case I would say "yes". As I said before, the police use S.29, but they are not specified (as far as I know) as the only organisation that can invoke this exemption. I see no reason why this can't be used - although I suspect a debate coming on! Simon Howarth. From: Chris Brogan [mailto:[log in to unmask]] Sent: 08 December 2008 11:49 To: Simon Howarth; [log in to unmask] Subject: RE: FW: Fellow Thinkers Email Let me just clarify this. The information isn't in the company's possession. They believe an offence has been committed against them and they either themselves or through private investigators make enquiries. They rely on section 29. For whatever reason, the case is not criminally prosecuted. It does however find itself subject to a claim in the civil courts. Can the evidence/information collected using section 29 exemptions be used for a civil action? Hope that clarifies it. Regards Chris Brogan MA LLM Managing Director Security International Ltd 130 St Johns Road, Isleworth, Middlesex TW7 6PL, UK Tel: +44 20 8847 2111 Fax: +44 20 8847 1852 Registered in England & Wales No. 1322074 Registered Office: 11 Loveday Road, London W13 9JT www.securitysi.com <http://www.securitysi.com/> ________________________________ From: This list is for those interested in Data Protection issues [mailto:[log in to unmask]] On Behalf Of Simon Howarth Sent: 08 December 2008 11:46 To: [log in to unmask] Subject: Re: FW: Fellow Thinkers Email I'm running completely off the top of my head here, so am prepared to be shot down. However, this may lead you in other directions... My immediate thought is that S.29 (1) is valid as it provides an exemption but does not specify that it is restricted to specific types of organisation. I therefore think that this could be used. However, from your statement I interpret that the information they wish to use is already in their possession. If this is the case and the information was gathered initially to prevent/detect crime or put together a case, then I would say that the use of the information simply falls within Schedule 2 (6) and Schedule 3 (6) which appear to allow the information to be used in the way you suggest, in this way you do not need to invoke the S.29 exemption if this is likely to cause a problem. Just thinking aloud. Regards, Simon Howarth. From: This list is for those interested in Data Protection issues [mailto:[log in to unmask]] On Behalf Of Chris Brogan Sent: 08 December 2008 10:56 To: [log in to unmask] Subject: [data-protection] FW: Fellow Thinkers Email <snip> ________________________________ All archives of messages are stored permanently and are available to the world wide web community at large at http://www.jiscmail.ac.uk/lists/data-protection.html Selected commands (the command has been filled in below in the body of the email if you are receiving emails in HTML format): * Leaving this list: send leave data-protection to [log in to unmask] <mailto:[log in to unmask]&BODY=LEAVE%20data-protection> * Suspending emails from all JISCMail lists: send SET * NOMAIL to [log in to unmask] <mailto:[log in to unmask]&BODY=SET%20*%20NOMAIL> * To receive emails from this list in text format: send SET data-protection NOHTML to [log in to unmask] <mailto:[log in to unmask]&BODY=SET%20data-protection%20NOHTML> * To receive emails from this list in HTML format: send SET data-protection HTML to [log in to unmask] <mailto:[log in to unmask]&BODY=SET%20data-protection%20HTML> All user commands can be found at http://www.jiscmail.ac.uk/help/commandref.htm and are sent in the body of an otherwise blank email to [log in to unmask] Any queries about sending or receiving messages please send to the list owner [log in to unmask] (Please send all commands to [log in to unmask] not the list or the moderators, and all requests for technical help to [log in to unmask], the general office helpline) ________________________________ ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ All archives of messages are stored permanently and are available to the world wide web community at large at http://www.jiscmail.ac.uk/lists/data-protection.html If you wish to leave this list please send the command leave data-protection to [log in to unmask] All user commands can be found at http://www.jiscmail.ac.uk/help/commandref.htm Any queries about sending or receiving messages please send to the list owner [log in to unmask] Full help Desk - please email [log in to unmask] describing your needs To receive these emails in HTML format send the command: SET data-protection HTML to [log in to unmask] (all commands go to [log in to unmask] not the list please) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^