Many thanks for the comments so far especially Phil Bradshaw's reference to Hansard.
On reflection my question was badly worded. So let me see if I can do better this time.
The background to this can be tracked back to Lord Norton's question that I referenced in my previous posting. Section 29 in the Bill was causing concern to Non Law Enforcement investigators. It was unclear if they could make a request under Section 29. This fog of uncertainty has continued and was discussed on numerous occasions with ICO officials at gatherings of non law enforcement investigators. I was privy to a very robust discussion at the end of the first Masters Degree Course in Information Rights run by Northumbria University. It was generally felt and supported by a few ICO officials who were on the course that it didn't apply to non law enforcement investigators. Elizabeth France on a number of occasions said that if you suspected that a crime had taken place you should report it to the police. The Police on numerous occasions said that they would need some evidence that a crime had taken place before they would consider investigating the matter.
It would seem that anyone can make a request to a DC under the section 29 exemption. It is up to the DC to decide whether to release the data.
Now my question should have been. If the DC has to satisfy the criteria imposed by section 29 before releasing how can he do that if the request is made by a non law enforcement investigator acting on behalf of a client say insurance company, credit card company. This investigator cannot necessarily provide the assurances needed to the DC.
He can tell the DC what his client has told him. The DC needs to be assured that the data provided will be processed in accordance with the DPA. The investigator is acting on his client's instructions he is not in a position to dictate to the client what to do with the data that he has obtained. There is also the question, for another time, that if the investigator is DP then why is he making the request?

I posed this question to one of the solicitors at the ICO some years ago. Amongst other comments the answer included a warning that if the person/organisation making a section 29 request had no intention of ever prosecuting the matter that was being investigated then the ICO would take a very dim view of it. Many insurance companies allow their contracted investigator to make Section 29 requests and have no intention of ever prosecuting. They just want to be in a position to rebut the claim. They often during that rebuttal use the info obtained by a section 29 request. Other organisations use investigators who in turn make these requests. If your organisation use external investigators that could be a problem for you.
For what it is worth I would advise a client to never release data to a contracted non law enforcement investigator. Rather insist that his client make the request.

Chris Brogan

All archives of messages are stored permanently and are available to the world wide web community at large at http://www.jiscmail.ac.uk/lists/data-protection.html

Selected commands (the command has been filled in below in the body of the email if you are receiving emails in HTML format):

All user commands can be found at http://www.jiscmail.ac.uk/help/commandref.htm and are sent in the body of an otherwise blank email to [log in to unmask]

Any queries about sending or receiving messages please send to the list owner [log in to unmask]

(Please send all commands to [log in to unmask] not the list or the moderators, and all requests for technical help to [log in to unmask], the general office helpline)