Devils advocations inline.
-----Original Message-----
From: This list is for those interested in Data Protection issues
[mailto:[log in to unmask]] On Behalf Of Tim Trent
Sent: 12 October 2006 13:34
To: [log in to unmask]
Subject: Re: [data-protection] UKIC and requiring timely compliance with
PECR
Get TPS data.
- How long for TPS to respond if BBK don't already have this?
Run query against existing data and delete ALL that match TPS
- Is all data in one place? Do different teams of staff have different
lists? Do TPS numbers match BBK numbers, ie. 0151-123-4567 is not the
same as (0151) 123 4567 is not the same as 01511234567. Is it valid to
delete all data? What if numbers also belong to people who are actually
customers? What if new records are inserted, what is the procedure
(which after December needs to be right) for ensuring future compliance
on the inserts? Probably some other things which would slow you down.
Hmm, that is done, then. Even on a PC we are looking at a maximum of a
couple of hours to run this against a massive database.
- Quite, but thats assuming we have two simple lists available to that
PC and nothing else to do.
Then with new data take on:
Run query to remove TPS data from New data
Upload new data
- Assuming new data comes in as large files and the batch process is
robust enough to fix it all. Is this the case? Assuming also that
something is in place to ensure all new data undergoes this check. Are
inserts currently conducted centrally?
-----Original Message-----
From: This list is for those interested in Data Protection issues
[mailto:[log in to unmask]] On Behalf Of Griffiths, Ian
Sent: 12 October 2006 13:24
To: [log in to unmask]
Subject: Re: [data-protection] UKIC and requiring timely compliance with
PECR
I agree that the time period does seem quite long.
I suspect that although the process of checking data against TPS records
is simple from our perspective, in the context of a large business with
a lot of data this is more difficult. I'm not disagreeing with you, I
just think we don't know enough about their business to comment on their
ability to respond.
However as you also correctly point out, this is not a nice relaxing
transition in to new processes, this is law now and therefore compliance
is already overdue. I have some friends in IT who are working very long
and hard to ensure that they comply with new VISA regulations for
security of their data processing, because if they don't they will be
fined money for each transaction which they process outside of the VISA
regs.
The UKIC stance does not quite have the same teeth.
Ian
-----Original Message-----
From: This list is for those interested in Data Protection issues
[mailto:[log in to unmask]] On Behalf Of Tim Trent
Sent: 12 October 2006 12:47
To: [log in to unmask]
Subject: [data-protection] UKIC and requiring timely compliance with
PECR
I'm throwing this open for thoughts. I have a TPS listed domestic
number, and it still gets called by those who, for one reason or
another, do not obey the Privacy and Electronic Communications
Regulations. Maybe it's accidental, maybe it's wilful, who can say?
One such is a kitchen design firm, Bracken Bay Kitchens (BBK). Why is
it always phones or home improvements? Ah well.
The man form the UKIC states that the UKIC has received "a number of
complaints about this company and have investigated these." I like that
a lot. He goes on to say "They have admitted that in recent months they
have had problems in meeting the obligations which PECR imposes on them.
However they have told us that they are now taking steps to ensure their
compliance with these regulations."
Well ok, I can empathise with that, in part. But it doesn't take much
to get the TPS data, scrub their own data against it, and therefore not
break the regulations any more. All it takes is a little knowledge, and
it can even be done in M$oft Access in a very few minutes. So my
empathy runs dry quite fast.
That was the history. The bit I find odd, knowing the simplicity of
handling TPS data, is the following from the UKIC: "As the Information
Commissioner's powers are not punitive (we cannot levy fines or close
down
organisations) but are instead focused on ensuring compliance with the
law, we have decided at this stage not to take formal Enforcement
action. However if the Telephone Preference Service and ourselves still
continue to receive complaints about this firm then we will review our
position. As Bracken Bay Kitchens have informed us that their remedial
measures will take effect within the next few weeks we expect to see a
marked improvement by early December."
Well, they could enforce, but if BBK is moving to compliance I see why
they are not doing so. But what I do find to be odd is the huge grace
time they are giving. I see this as a "complete by the end of next week
at the latest" thing. Am I being unrealistic? After all, this is a
law, or in this case a statutory instrument, that is not being complied
with.
"Sorry, Officer, I was having a bit of trouble meeting my speed limit
obligations. I WILL get down to below the speed limit soon. Give me a
couple of hours and I'll find the brake!" Or am I just trying to get
off a speeding ticket?
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
http://www.jiscmail.ac.uk/help/commandref.htm
Any queries about sending or receiving message please send to the list
owner
[log in to unmask]
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
http://www.jiscmail.ac.uk/help/commandref.htm
Any queries about sending or receiving message please send to the list
owner
[log in to unmask]
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
http://www.jiscmail.ac.uk/help/commandref.htm
Any queries about sending or receiving message please send to the list owner
[log in to unmask]
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|