> Jim Whitaker on 15 November 2004 at 15:16 said:-
> I would be very unhappy about emails addressed to me which
> threatened to
> disappear at a time other than of my choosing. If I am expected to do
> something on the basis of an email, then I require to keep that email
> until my needs are satisfied. We could all work up plausible scenarios
> in which the lack of the source document undermined our authority or
> audit requirements.
>
> Of course there will be some areas where this might be legitimate but
> almost certainly these would be mutual and highly structured. I still
> doubt the 100% water tightness of any solution outside a very small
> number of very closely controlled environments.
>
> It is relevant that the "recall" feature only works if the original
> message has not been read (or delivered locally for reading?) This
> seems a sensible compromise. If I have read it, I may have
> taken action
> or formed an opinion in the light of that and am entitled to
> retain the
> message to underpin my actions.
Does this mean that once any data moves from one subject to another, the
originating subject effectively looses control of that data, transferring
complete control to the recipient? I imagine much trust in the complete
systems/processes needs to be constantly maintained in those circumstances
as a means of facilitating effective ongoing communication. Fairness and
openness would support that I suppose.
Turner8 on 15 November 2004 at 16:11 said:-
> I suppose you can save the email to an rtf format file or
> something like
> that.
>
> Alternatively, you can't recall a printout!
> Perhaps we should get into the practise of printing out all emails and
> filing them in an unstructured file.
> ;-)
Depending upon the purpose of the email and circumstances, agree or
disagree, from many perspectives both of those actions may be seen as
necessarily legitimate actions.
Roland Perry on 15 November 2004 at 15:12 said:-
> "Recall" only works within the originating organisation.
[snip]
> This is a *very bad* strategy as it merely makes everyone look rather
> hard at an email they might otherwise have never bothered to
> read, just
> to see what was so awful about it that the writer decided it needed
> recalling.
Which opens an available strategy where to make sure an e-mail is studied
carefully one recalls it.
With originating subjects apparently unable to effectively control the
further circulation/retention of data via email, as exampled by those
infamous cases where emails have been broadcast more widely than originally
sent, and appropriate retention periods being so difficult to
define/maintain in respect of email, it is perhaps no wonder that many
questionable practices by organisations/individuals become media fodder as a
result of the exploitation of email, which was either originally mis-sent or
subsequently more widely circulated than needed.
The implementation of the DPA does seem to fail many when the security of
personal data is concerned, but organisations equally seem to fail
themselves in their own security, creating a failure of privacy in two of
its possible interpretations. Value conflicts seem to appear as a common
factor in those scenarios.
Ian W
> -----Original Message-----
> From: This list is for those interested in Data Protection
> issues [mailto:[log in to unmask]] On Behalf Of
> Jim Whitaker
> Sent: 15 November 2004 15:16
> To: [log in to unmask]
> Subject: Re: M$oft Information Rights Management Service (run by them)
>
>
> I would be very unhappy about emails addressed to me which
> threatened to
> disappear at a time other than of my choosing. If I am expected to do
> something on the basis of an email, then I require to keep that email
> until my needs are satisfied. We could all work up plausible scenarios
> in which the lack of the source document undermined our authority or
> audit requirements.
>
> Of course there will be some areas where this might be legitimate but
> almost certainly these would be mutual and highly structured. I still
> doubt the 100% water tightness of any solution outside a very small
> number of very closely controlled environments.
>
> It is relevant that the "recall" feature only works if the original
> message has not been read (or delivered locally for reading?) This
> seems a sensible compromise. If I have read it, I may have
> taken action
> or formed an opinion in the light of that and am entitled to
> retain the
> message to underpin my actions.
>
> Regards
>
> Jim
> ----------------------------------------------
> Jim Whitaker
> Head of Information Management and Internal Communications
> British Educational Communications and Technology agency
> Millburn Hill Road
> Science Park Telephone 024 7679 7452
> Coventry 024 7641 6994 (Ext 3341)
>
> CV4 7JJ Fax 024 7684 7071
>
> =================================================
> -----Original Message-----
> From: Ian Welton [mailto:[log in to unmask]]
> Sent: 15 November 2004 14:28
> To: [log in to unmask]
> Subject: Re: [data-protection] M$oft Information Rights Management
> Service (run by them)
>
> Lloyd M J B (ISeLS) on 15 November 2004 at 12:06 said:-
>
> > it would appear
> > that any user
> > can put a deletion date on an email or Word document rather
> than have
> > such decisions be made according to the University's
> records retention
>
> > schedule.
>
> I think setting the weed date feature on mail you send has been around
> for some time, as has the ability to recall e-mails, both providing
> individuals with some control of the data they transmit.
>
> It is interesting how data retention periods can change, sometimes
> irrespective of the data subjects wishes, as data moves between
> organisations/individuals. Some of those changes are clearly
> understandable, others seem very puzzling.
>
> A standardized retention period seems to have done nothing to leverage
> any technological potential in support of the DPA principles, and the
> weed and recall facilities have been very little known about.
>
> It would be interesting to hear reasons from the various
> sectors behind
> (not)allowing the sender of received e-mail to determine the retention
> period for any e-mail they may send to the organisation. Where does
> that divide sit/and why?
>
>
>
> **********************************************************************
> This email and any files transmitted with it are confidential and
> intended solely for the use of the individual or entity to whom they
> are addressed. If you have received this email in error please notify
> the system manager.
> This footnote also confirms that this email message has been swept by
> MIMEsweeper for the presence of computer viruses.
> www.mimesweeper.com
> **********************************************************************
>
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> All archives of messages are stored permanently and are
> available to the world wide web community at large at
> http://www.jiscmail.ac.uk/lists/data-protection.html
> If you wish to leave this list please send the command
> leave data-protection to [log in to unmask]
> All user commands can be found at : -
> http://www.jiscmail.ac.uk/help/commandref.htm
> (all commands go to [log in to unmask] not the list please)
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
http://www.jiscmail.ac.uk/help/commandref.htm
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|