Since the criterion is "Other data in the possession of (etc) the data controller" for such things to be personal data, and since you do not have that data, I would argue that these letters are not personal data under the DPA.

Under those circumstances I think your legal obligations are discharged. I am not a lawyer though.

So it seems to me that you are looking at your moral and other obligations. Those are almost impossible to determine. WHom are you seeking to protect from what, and with what motivation? (rhetorical question)

Was there a duty of confidentiality to the assumed anonymous informant? How far does that duty run?

On 14 Sep 2010, at 10:48, Brenda Scourfield wrote:

What is the list's view of disclosure of anonymous letters in a SAR ? Or do you not disclose them at all ?

I am worried that the writer maybe recognised by a) the tone and way of writing or (b) comments such as 'a mutual friend and I noticed.....'. Whilst I can redact these sort of comments, could the overall 'way of writing' identify them ?

This is a benefit fraud case so tensions could be high if they were identified.

Tim Trent - Consultant
Tel: +44 (0)7710 126618
web: ComplianceAndPrivacy.com - where busy executives go to find the news first
personal blog: timtrent.blogspot.com/ - news, views, and opinions
personal website: Tim's Personal Website - more than anyone needs to know

Important: This message is private and confidential. If you have received this message in error, please notify us and remove it from your system. This email and any attachment(s) are believed to be virus-free, but it is the responsibility of the recipient to make all the necessary virus checks. This email and any attachments to it are copyright of Meadowood Associates, owners of Compliance And Privacy, unless otherwise stated. Their copying, transmission, reproduction in whole or in part may only be undertaken with the express permission, in writing, of Meadowood Associates, at Meadowood House, 30 Redditch, Bracknell, Berkshire, RG12 0TT.

All archives of messages are stored permanently and are available to the world wide web community at large at http://www.jiscmail.ac.uk/lists/data-protection.html

Selected commands (the command has been filled in below in the body of the email if you are receiving emails in HTML format):

Leaving this list: send leave data-protection to [log in to unmask]
Suspending emails from all JISCMail lists: send SET * NOMAIL to [log in to unmask]
To receive emails from this list in text format: send SET data-protection NOHTML to [log in to unmask]
To receive emails from this list in HTML format: send SET data-protection HTML to [log in to unmask]

All user commands can be found at http://www.jiscmail.ac.uk/help/commandref.htm and are sent in the body of an otherwise blank email to [log in to unmask]

Any queries about sending or receiving messages please send to the list owner [log in to unmask]

(Please send all commands to [log in to unmask] not the list or the moderators, and all requests for technical help to [log in to unmask], the general office helpline)