I can't help but feel this is only half an answer. The information about
sources is not the same as information about third parties.
If you accept that an e-mail as a record includes the identity of the
recipient and the sender, as well as the potential personal data about the data
subject, the third party identity rules come into play. The identities of the
third parties do not have to be drilled for or in any way sought - they are just
there. Not metadata.
Where an e-mail is sent anonymously, the "source" question does apply. The
only information available about the source is the false (or partial) address
unless you have web tracing tools. I can imagine that you would not be asked
to drill down for the actual identity.
The scenario originally posed suggests to me the third parties would like to
remain anonymous because they cannot justify their comments. If you suspect
it is any more than that, eg a threat of violence, withhold the identity - if
not, I would disclose.
Ian B
Ian Buckland
Managing Director
Keep IT Legal Ltd
Please Note: The information given above does not replace or negate the need
for proper legal advice and/or representation. It is essential that you do not
rely upon any advice given without contacting your solicitor. If you need
further explanation of any points raised please contact Keep I.T. Legal Ltd at
the address below:
55 Curbar Curve
Inkersall, Chesterfield
Derbyshire S43 3HP
(Reg 3822335)
Tel: 01246 473999
Fax: 01246 470742
E-mail: [log in to unmask]
Website: www.keepitlegal.co.uk
------------
In a message dated 26/10/04 16:19:39 GMT Daylight Time,
[log in to unmask] writes:
> I've received further clarification from the OIC
> in respect of Part II 7 (1)(c)(ii) - Apparently it is to be read as: If
> the personal data comes from outside of the organisation then we need to
> disclose the source (if we know it), if the personal data is internal to
> the organisation then we do not have to disclose the source other than
> at organisation level (ie in this case, the source is the University, no
> further drill-down is required???).
>
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
http://www.jiscmail.ac.uk/help/commandref.htm
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|