If you are worried about the information being used to commit a crime, isn't the law enforcement s31 (1) (a) exemption also arguably appropriate here as well as s40 personal data?  Disclosure likely to prejudice the prevention of crime. 


Ray Cooke

www.brookes.ac.uk


On 9 June 2011 14:19, Simon Howarth <[log in to unmask]> wrote:

This is an interesting one as the expenditure is probably reasonable to release, but I agree that card and individuals’ details may not be appropriate to release on security grounds. I wonder if an exemption like information provided in confidence may be relevant (really not sure off the top of my head), but essentially if you knowingly compromise a card or account, then you are being negligent and I would suggest that the terms and conditions associated with an account may well constitute that the information and card has been provided in confidence.

 

You could provide a list of expenditure perhaps mapped to salary grade, which would provide what they bought but only what grade bought it not whomever is involved?

 

Just a thought.

 

Simon Howarth.

 

From: This list is for those interested in Data Protection issues [mailto:[log in to unmask]] On Behalf Of Broom, Doreen
Sent: 08 June 2011 10:32
To: [log in to unmask]
Subject: Re: [data-protection] Credit Card Holders - Personal Data?

 

Hi Steve

 

This is what we said re the card holders:

 

At Scottish Borders Council, Corporate Credit Cards have only been issued to the Directors of each Department and the Chief Executive.  It is very rare that the card holders physically use the credit card to make purchases. 

 

It is standard practice that the cards are usually used by administrative officers, with the authorisation of the card holder and budget holder, to make purchases over the internet, that are necessary to the delivery of council services, and (or) to take advantage of discounts available online.  In some cases payments can only be made over the internet.

 

Doreen

 

Doreen Broom

Data Compliance Officer

Scottish Borders Council

Resources Department  - BTS

Tel: 01835 826516

e-mail: [log in to unmask]

 

 

 

 

 

From: This list is for those interested in Data Protection issues [mailto:[log in to unmask]] On Behalf Of Cotterill, Steve
Sent: 08 June 2011 10:18
To: [log in to unmask]
Subject: Credit Card Holders - Personal Data?

 

Hi,

 

We are receiving many FOI requests for details of purchase card expenditure and names of card users.

 

Just using common sense I am against giving out names of users because there is other information already in the public domain that could quickly be used to to enable someone to pretend they are that card user (name and address of Council, Signatories on the account - it wouldn't take a genius to work this out). In fact the only thing they won't have is the actual card/card number. The FOI officer wants to release the post-holders titles rather than the names. However again having the post title you can quickly find out the name of the post-holder and therefore I believe it means it is personal data and therefore can be exempt from release or am I being too simplistic?

 

For example Mr Joe Bloggs, Works at Broxtowe Borough Council, Has post title of Admin officer and has access to Council Credit Card = personal data?

 

Any thoughts appreciated.

 

Steve

______________________________________________________________________________________________________________________

Stephen Cotterill

Procurement & Technical Officer Broxtowe Borough Council

 


DISCLAIMER:
This email and any attachments are confidential and intended solely for the use of the individual to whom it is addressed. If you are not the intended recipient be advised that you have received this email in error and that any use, dissemination, forwarding, printing or copying of this email is strictly prohibited.
If you have received this email in error please contact the IT Service Desk at Broxtowe Borough Council on [log in to unmask] or telephone 0115 917 3194.
Senders and recipients of email should be aware that, under current legislation, the contents may be monitored and will be retained. The contents of the email may have to be disclosed in response to a request.
This disclaimer confirms that this email message has been swept for the presence of computer viruses.

All archives of messages are stored permanently and are available to the world wide web community at large at http://www.jiscmail.ac.uk/lists/data-protection.html

Selected commands (the command has been filled in below in the body of the email if you are receiving emails in HTML format):

All user commands can be found at http://www.jiscmail.ac.uk/help/commandref.htm and are sent in the body of an otherwise blank email to [log in to unmask]

Any queries about sending or receiving messages please send to the list owner [log in to unmask]

(Please send all commands to [log in to unmask] not the list or the moderators, and all requests for technical help to [log in to unmask], the general office helpline)

**********************************************************************

This email and any files transmitted with it are privileged, confidential and subject to copyright. Any unauthorised use or disclosure of any part of this email is prohibited. If you are not the intended recipient please inform the sender immediately; you should then delete the email and remove any copies from your system.

The views or opinions expressed in this communication may not necessarily be those of Scottish Borders Council.

Please be advised that Scottish Borders Council's incoming and outgoing GSX email is subject to regular monitoring and any email may require to be disclosed by the Council under the provisions of the Freedom of Information (Scotland) Act 2002.

 

**********************************************************************

 

All archives of messages are stored permanently and are available to the world wide web community at large at http://www.jiscmail.ac.uk/lists/data-protection.html

Selected commands (the command has been filled in below in the body of the email if you are receiving emails in HTML format):

All user commands can be found at http://www.jiscmail.ac.uk/help/commandref.htm and are sent in the body of an otherwise blank email to [log in to unmask]

Any queries about sending or receiving messages please send to the list owner [log in to unmask]

(Please send all commands to [log in to unmask] not the list or the moderators, and all requests for technical help to [log in to unmask], the general office helpline)

All archives of messages are stored permanently and are available to the world wide web community at large at http://www.jiscmail.ac.uk/lists/data-protection.html

Selected commands (the command has been filled in below in the body of the email if you are receiving emails in HTML format):

All user commands can be found at http://www.jiscmail.ac.uk/help/commandref.htm and are sent in the body of an otherwise blank email to [log in to unmask]

Any queries about sending or receiving messages please send to the list owner [log in to unmask]

(Please send all commands to [log in to unmask] not the list or the moderators, and all requests for technical help to [log in to unmask], the general office helpline)

All archives of messages are stored permanently and are available to the world wide web community at large at http://www.jiscmail.ac.uk/lists/data-protection.html

Selected commands (the command has been filled in below in the body of the email if you are receiving emails in HTML format):

All user commands can be found at http://www.jiscmail.ac.uk/help/commandref.htm and are sent in the body of an otherwise blank email to [log in to unmask]

Any queries about sending or receiving messages please send to the list owner [log in to unmask]

(Please send all commands to [log in to unmask] not the list or the moderators, and all requests for technical help to [log in to unmask], the general office helpline)