Yes.
For this scenario the controller is not a public authority. If the matter was taken to court or tribunal (FOI jurisdiction) more than 30 days would have elapsed so the controller would no longer have the images. This is a major area of concern for non public authorities who are being targeted by pressure groups and who receive regular requests for copies of tapes from law enforcement.
Chris Brogan
-----Original Message-----
From: This list is for those interested in Data Protection issues
[mailto:[log in to unmask]]On Behalf Of Ian Welton
Sent: 22 December 2004 15:01
To: [log in to unmask]
Subject: Re: SAR - Employee Recs
Chris Brogan on 22 December 2004 at 14:27 said:-
> does this now mean that a SAR for cctv images that are stored
> by tape can be rejected?
> Would it be the same answer if it was stored digitally?
> Does Durant's definition mean that cctv images are no longer
> personal data unless the controller does something specific with them?
> If it is not personal data then the police dont have to make
> sect29 requests. The controller could just give them a copy
> of the footage for 10-00am until 11-00am then the DP issues
> if any become that of the police.
> Can we exclude FOI at this stage of the discussion?
Could you properly exclude considering the FOI exemptions in such a
discussion.
Ian W
> -----Original Message-----
> From: This list is for those interested in Data Protection
> issues [mailto:[log in to unmask]] On Behalf Of
> Chris Brogan
> Sent: 22 December 2004 14:27
> To: [log in to unmask]
> Subject: Re: SAR - Employee Recs
>
>
> Ian,
> does this now mean that a SAR for cctv images that are stored
> by tape can be rejected?
> Would it be the same answer if it was stored digitally?
> Does Durant's definition mean that cctv images are no longer
> personal data unless the controller does something specific with them?
> If it is not personal data then the police dont have to make
> sect29 requests. The controller could just give them a copy
> of the footage for 10-00am until 11-00am then the DP issues
> if any become that of the police.
> Can we exclude FOI at this stage of the discussion?
> Chris Brogan
>
> -----Original Message-----
> From: This list is for those interested in Data Protection issues
> [mailto:[log in to unmask]]On Behalf Of [log in to unmask]
> Sent: 22 December 2004 13:45
> To: [log in to unmask]
> Subject: Re: SAR - Employee Recs
>
>
> In a message dated 22/12/04 11:43:17 GMT Standard Time,
> [log in to unmask] writes:
>
>
> > I do not hear any employee representative organisation
> voicing any qualms
> > about the situation, so clearly that situation seems
> acceptable so far, and
> > privacy in the workplace may not be being seen as an issue.
>
> ----------
>
> I believe that neither the powers-that-be nor employees (and
> reps) understand
> exactly the situation that has arisen from the Durant case
> and the exemption
> from access to personnel files under FOI. There was
> something of an overlap
> period where the two restrictions passed by each other almost
> unnoticed.
>
> What it effectively means is this:
>
> 1) If an employee asks for subject access to their personnel
> data, they will
> be entitled in law to recieve ONLY the stuff that is held on computer;
>
> 2) If there is also a manual file, it is unlikely to be
> structured and is
> therefore outside the scope of DPA. After Johnson, this
> would also include data
> that had been printed from a computer file but was no longer
> held in computer
> form;
>
> 3) The FOI specifically exempts personnel information from
> the "unstructured
> manual file" extension;
>
> 4) Managers and bosses generally can then hold any
> information they like
> about the employee, including unfounded allegations, without
> ever having to reveal
> them to the accused (sorry I mean employee);
>
> 5) They could put those allegations in a reference provided
> the recipient
> does not scan it and or computerise it in some way.
>
> Of course scrupulous employers would not do these things, but
> IMHO it would
> all be legal.
>
> Ian B
>
>
> Ian Buckland
> Managing Director
> Keep IT Legal Ltd
>
> Please Note: The information given above does not replace or
> negate the need
> for proper legal advice and/or representation. It is
> essential that you do not
> rely upon any advice given without contacting your solicitor.
> If you need
> further explanation of any points raised please contact Keep
> I.T. Legal Ltd at
> the address below:
>
> 55 Curbar Curve
> Inkersall, Chesterfield
> Derbyshire S43 3HP
> (Reg 3822335)
> Tel: 01246 473999
> Fax: 01246 470742
> E-mail: [log in to unmask]
> Website: www.keepitlegal.co.uk
>
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> All archives of messages are stored permanently and are
> available to the world wide web community at large at
> http://www.jiscmail.ac.uk/lists/data-protection.html
> If you wish to leave this list please send the command
> leave data-protection to [log in to unmask]
> All user commands can be found at : -
> http://www.jiscmail.ac.uk/help/commandref.htm
> Any queries about sending or receiving message please send to
> the list owner
> [log in to unmask]
> (all commands go to [log in to unmask] not the list please)
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> All archives of messages are stored permanently and are
> available to the world wide web community at large at
> http://www.jiscmail.ac.uk/lists/data-protection.html
> If you wish to leave this list please send the command
> leave data-protection to [log in to unmask]
> All user commands can be found at : -
> http://www.jiscmail.ac.uk/help/commandref.htm
> Any queries about sending or receiving message please send to
> the list owner
> [log in to unmask]
> (all commands go to [log in to unmask] not the list please)
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
http://www.jiscmail.ac.uk/help/commandref.htm
Any queries about sending or receiving message please send to the list owner
[log in to unmask]
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
http://www.jiscmail.ac.uk/help/commandref.htm
Any queries about sending or receiving message please send to the list owner
[log in to unmask]
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|