[log in to unmask] on 09 March 2004 at 15:30 said:-
> stuff like that cannot be kept forever, just on the off
> chance that the keeper (or is it a previous keeper) may be
> reported for some alleged crime several years later. Media
> for storage is cheap enough but the staff to keep it accurate
> and up to date, and to weed it, are not.
I have not yet read the Bichard documentation but -
The importance of decisions made by the appropriate managers at the
organisational level during systems design regarding weeding methodology,
and the subsequent ongoing compliance with the outcomes of those decisions
always have been reasonably critical to information systems being maintained
properly. i.e. If during systems design decisions are made to manually weed
the material - that means adequate resources will be required to
determine/identify appropriate weeding criteria AND to maintain the weeding
process. Or if the manual process is dismantled, automated weeding
facilities need to be put in place. Doing no weeding at all would not seem
to be a DP compliant option and using arguments for a national security
exemption to retain traffic data material because nobody would challenge
that would not be legitimate.
I seem to recall that in I.S. project management weeding processes have
historically been rather a critical part of any system, and software
application processes are generally designed to fit management demands and
the organisational structure. But experience has shown that during
organisational/departmental restructuring processes, the logical design
requirements of computer systems is not always considered adequately, and
the skills of an I.S. project manager are not normally utilised. In my
experience such organisational changes do alter the effectiveness of
computer systems with problems within affected systems not always becoming
immediately obvious. This can be especially visible where there are regular
changes in management over a protracted period of time, or where the changes
are being made to support arguments for a new computer application/system.
I suppose a DPO could valuably focus much attention on systems affected by
organisational change. But organisational change can be stressful for all of
the persons involved and what can be seen as outside interference
problematical. That is especially so if part of the reasons for change are
support for system renewal. What happens to the DPA principles then?
Ian W
> -----Original Message-----
> From: This list is for those interested in Data Protection
> issues [mailto:[log in to unmask]] On Behalf Of
> [log in to unmask]
> Sent: 09 March 2004 15:30
> To: [log in to unmask]
> Subject: Re: Bichard Inquiry Transcripts
>
>
> In a message dated 09/03/04 10:47:21 GMT Standard Time,
> [log in to unmask]
> writes:
>
>
> > The transcripts highlight that while there was an admittedly patchy
> > focus on retention periods it didnt seem to be any ones job in
> > particular to examine critically the extent to which the
> information
> > systems worked in terms of their main objectives.
>
> ----------
> I agree. The witness statements and transcripts make it
> fairly clear that the issues involved were more to do with
> bums on seats than any Data Protection guidance. As
> expected, the comments of Humberside's Chief Constable -
> blaming the DPA - are being exposed as "a knee-jerk reaction".
>
> The ACPO code does contain guidance on retention and in some
> cases is very prescriptive. The intelligence information
> retained may include things like "a red escort was seen
> driving down the High Street at 05:30 on 01/01/2004" and
> stuff like that cannot be kept forever, just on the off
> chance that the keeper (or is it a previous keeper) may be
> reported for some alleged crime several years later. Media
> for storage is cheap enough but the staff to keep it accurate
> and up to date, and to weed it, are not.
>
> Ian B
>
>
> Ian Buckland
> Managing Director
> Keep IT Legal Ltd
>
> Please Note: The information given above does not replace or
> negate the need for proper legal advice and/or
> representation. It is essential that you do not rely upon any
> advice given without contacting your solicitor. If you need
> further explanation of any points raised please contact Keep
> I.T. Legal Ltd at the address below:
>
> 55 Curbar Curve
> Inkersall, Chesterfield
> Derbyshire S43 3HP
> (Reg 3822335)
> Tel: 01246 473999
> Fax: 01246 470742
> E-mail: [log in to unmask]
> Website: www.keepitlegal.co.uk
>
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> All archives of messages are stored permanently and are
> available to the world wide web community at large at
> http://www.jiscmail.ac.uk/lists/data-protection.html
> If you wish to leave this list please send the command
> leave data-protection to [log in to unmask]
> All user commands can be found at : -
> http://www.jiscmail.ac.uk/help/commandref.htm
> (all commands go to [log in to unmask] not the list
> please)
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
http://www.jiscmail.ac.uk/help/commandref.htm
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|