Lucinda
At a JISC seminar last week we discussed the definition of 'public'.
Like you, we felt that something on a noticeboard in a department is
somehow *less* 'public' than something on the web (intranet or
internet) but also had difficulty actually defining these terms.
My thoughts lead to perhaps three 'levels' of publication:
1. Very limited: Information which only exists in one form, on paper,
pinned to a noticeboard or available for inspection. This can only be
replicated if someone photographed it or physically retyped it. e.g.
tutorial group memberships, passlists - listed by name or by candidate
no.
2. Internal: Information circulated quite widely within the
institution (via paper or the intranet) but still for for the use of
specified people e.g. telephone directory, committee papers,
graduation ceremony. There is an element of discretion as to whom the
information is initially made available (i.e. only someone who has a
University user account can access the Intranet).
3. External: Information made available to anyone at all without the
exercising of any discretion (e.g. via distributed prospectuses or the
World Wide Web).
I would say that data under (1) must be still treated as 'public' in
the sense of the DPA but only in a very limited sense. Data under (2)
and certainly under (3) brings into effect Principle 8 (transfer
outside the EEA) so that complicates matters.
Maybe some sort of central guidance will be made available by some
central body in codes of practice. Could anyone from JISC/CVCP
elaborate on plans to produce DPA guidance for institutions? The only
thing I have seen is the Association of Colleges guidance but this was
some time ago now.
Anne.
--------------- Begin original message ----------------
| From: Lucinda Bennett <[log in to unmask]>
| Date: Tue, 15 Feb 2000 16:16:14 +0000
| Subject: Definitions of public/private
| To: [log in to unmask]
| Reply-To: [log in to unmask]
|
|
|
| There is much reference to personal data which has been
| placed in the "public" and "private" domain, although these
| terms are not found in the Data Protection Act. I am
| currently putting together the University's Data Protection
| policy and refer to these terms but I am having difficulty
| defining them in any sensible way. Any definition needs to
| take into account information which is held manually as
| well as on-line. Has anyone in the mailbase undergone a
| similar exercise and is willing to share their definitions
| with me?
|
| ----------------------
| Lucinda Bennett
| Administrative Officer
| Registry, Room 159
| University of Exeter Tel: 01392 263355
| Northcote House Fax: 01392 263108
|
|
|
-------------- End original message --------------------
Anne Johnson, Assistant Registrar
Student Systems Office, Sussex House,
University of Sussex, Falmer, Brighton BN1 9RH
Telephone (01273) 678761; Fax (01273) 877389
E-mail [log in to unmask]
http://www.sussex.ac.uk/Units/sso/
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
|