
Phillip, 
Brilliant explanation, better than any that I have tried to bring to an
argument in the past. I will certainly use it next time and pass it off
as my own as I assume that you don't move in the same circles that I do
and are not likely to find out.
Regards 

Chris Brogan MA LLM
Managing Director 
Security International Ltd
130 St Johns Road, Isleworth, Middlesex TW7 6PL, UK
Tel:  +44 20 8847 2111  Fax:  +44 20 8847 1852
Registered in England & Wales No. 1322074
Registered Office:  11 Loveday Road, London W13 9JT
www.securitysi.com 
-----Original Message-----
From: This list is for those interested in Data Protection issues
[mailto:[log in to unmask]] On Behalf Of Bradshaw, Phillip
Sent: 27 May 2009 17:16
To: [log in to unmask]
Subject: Re: Biometric Data on Flash Drive

Jethro

It is nothing to do with the biometric data itself.

Scenario:

There are 5 people in my team and they register to use the device. Fred
leaves for a better job (debatable but I will concede for the sake of
argument!). His profile is removed. We now have a device with 4
registered users plus biometric data of AN Other. My HR records show
Fred is the only person to have left the team whilst device in use.
Therefore the AN Other data is identifiable as being Fred's from other
information in my possession. Therefore it is personal data whilst in
our hands.

The fact that it would not be personal data in anyone else's hands
because they could never identify Fred is irrelevant - the point made
quite clearly in Collie ... 

"If it was impossible for the recipient of the ... data to identify
those individuals, the information would not constitute "personal data"
in his hands. But we are concerned in this case with its status while it
is still in the hands of the data controller, as the question is whether
it is or is not exempt from the duty of disclosure that FOISA says must
be observed by him." Lord Hope at Para 26.

The effect of Collie is quite far reaching and indeed startling in some
respects. If for example my Council has 13 employees who are Hindu, and
we know who they are, we could not publish that fact, or supply it under
FOIA without the express consent of all, as it is sensitive personal
data in our hands ...  unless there is some statutory gateway to enable
us to publish ethnicity etc. data (which I have not looked into) when we
could rely on Schedule 3 Condition 2.

 



Phil Bradshaw



-----Original Message-----
From: This list is for those interested in Data Protection issues
[mailto:[log in to unmask]] On Behalf Of Jethro R Binks
Sent: 27 May 2009 16:19
To: [log in to unmask]
Subject: Re: [data-protection] Biometric Data on Flash Drive

On Wed, 27 May 2009, Bradshaw, Phillip wrote:

> 1. It is data
> 2. It relates to a living individual (usually)
> 3. The individual it relates to can be identified from other
> information which is in the possession of the data controller

I don't disagree with the first two.

But how does a mathematical summary of the fingerprint identify anyone?

It doesn't.  As for obtaining other information, the only way you are
going to be able to map that mathematical summary to a living person
(ie, identify them from the data you have on the flash device) is by
having the living person's fingerprints and generating their
mathematical summary and comparing them - but then you have to know who
the person is in the first place to get the fingerprints, so why would
you be bothering?

I suppose we don't know enough about the mathematical algorithm to know
how likely a collision is (ie, the chance that the mathematical summary
will match more than one fingerprint).

Jethro.

.  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .
.
Jethro R Binks
Computing Officer, IT Services, University Of Strathclyde, Glasgow, UK

^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
     All archives of messages are stored permanently and are
      available to the world wide web community at large at
      http://www.jiscmail.ac.uk/lists/data-protection.html
     If you wish to leave this list please send the command
       leave data-protection to [log in to unmask] All user
commands can be found at http://www.jiscmail.ac.uk/help/commandref.htm
 Any queries about sending or receiving messages please send to the list
owner
              [log in to unmask]
  Full help Desk - please email [log in to unmask] describing your
needs
        To receive these emails in HTML format send the command:
         SET data-protection HTML to [log in to unmask]
   (all commands go to [log in to unmask] not the list please)
    ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

**********************************************************************
Privileged/Confidential Information may be contained in this message. If
you are not the addressee indicated in this message (or responsible for
delivery of the message to such person), you may not copy or deliver
this message to anyone. In such case, you should destroy this message
and kindly notify the sender by reply email. Please advise immediately
if you or your employer does not consent to Internet email for messages
of this kind.  Opinions, conclusions and other information in this
message that do not relate to the official business of the Council of
the City and County of Cardiff shall be understood as neither given nor
endorsed by it.  All e-mail sent to or from this address will be
processed by Cardiff County Councils Corporate E-mail system and may be
subject to scrutiny by someone other than the addressee.
**********************************************************************

