Whether we're in a position to listen to the judges' remarks is precisely my
question. You're right to say that there is no legal requirement to explain
what a request is for. Except that the Appeal Court Judges also said that
subject access has a purpose. They say the purpose is to check whether
privacy is being infringed.
What I don't understand is how the Durant judgement is so significant, if we
pick and choose the bits of it that work and the bits that don't. "Personal
data" is restricted to a certain type of data (significantly biographical
etc. etc.), but only for subject access. Subject Access is for checking
one's privacy and not for litigation, but you're on your own if you try to
implement that.
I see my job as being here to give people the rights and protections that
the law on DP entitles them to, no less, no more. Durant is supposedly part
of that law. Therefore, if Durant narrows the legal limit of what's
available, then the law has changed and I change with it (if Durant had gone
the other way, I would have been just as willing to go along with that). My
problem is, as I write a subject access procedure, do I narrow things a bit
and potentially save my colleagues some time, or is that to curtail rights
that people still have? The IC reaction makes it seem like everything is
different, but how can anyone tell?
Tim
Tim Turner
Data Protection Officer
Legal Services
> ----------
> From: [log in to unmask][SMTP:[log in to unmask]]
> Reply To: [log in to unmask]
> Sent: 23 February 2004 13:52
> To: [log in to unmask]
> Subject: Re: [data-protection] Subject access, litigation, and Durant
>
> In a message dated 23/02/04 12:21:37 GMT Standard Time,
> [log in to unmask] writes:
>
>
> > I would say that if you knew the person was suing the Council when they
> > made
> > the request, you could legitimately turn them away. However, if neither
> you
> > (or even they) are sure whether there might be litigation at a later
> date, I
> > don't see how you could you could refuse to respond to a subject access
> > request on that basis.
>
> ---------
> I believe there is an exemption for data that would incriminate (would a
> civil case qualify?) the data controller - except for offences under DPA -
> but Mr
> Durant told the FSA he wanted the info to take (civil?) action against
> Barclays Bank.
>
> As there is no legal requirement to declare the reason for any SAR, and to
> make an assumption could be dangerous, are data controllers in a position
> to
> take any notice of the judges' comments about obtaining the data for legal
> action?
>
> Ian B
>
>
> Ian Buckland
> Managing Director
> Keep IT Legal Ltd
>
> Please Note: The information given above does not replace or negate the
> need
> for proper legal advice and/or representation. It is essential that you do
> not
> rely upon any advice given without contacting your solicitor. If you need
> further explanation of any points raised please contact Keep I.T. Legal
> Ltd at
> the address below:
>
> 55 Curbar Curve
> Inkersall, Chesterfield
> Derbyshire S43 3HP
> (Reg 3822335)
> Tel: 01246 473999
> Fax: 01246 470742
> E-mail: [log in to unmask]
> Website: www.keepitlegal.co.uk
>
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> All archives of messages are stored permanently and are
> available to the world wide web community at large at
> http://www.jiscmail.ac.uk/lists/data-protection.html
> If you wish to leave this list please send the command
> leave data-protection to [log in to unmask]
> All user commands can be found at : -
> http://www.jiscmail.ac.uk/help/commandref.htm
> (all commands go to [log in to unmask] not the list please)
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>
**********************************************************************
This email and any files transmitted with it are confidential and
intended solely for the use of the individual or entity to whom they
are addressed. If you have received this email in error please notify
the system manager.
This footnote also confirms that this email message has been swept by
MIMEsweeper for the presence of computer viruses using Sophos
anti-virus software.
www.mimesweeper.com
www.sophos.com
**********************************************************************
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
http://www.jiscmail.ac.uk/help/commandref.htm
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|