My view
If you take the DPA as it is written it is arguable that anyone can make a
s29 request as long as the reason for the request is for one of the
stipulated purposes. The request should be in writing and declaring the
purpose the data is being sought. A written request is desirable as it
supports the person disclosing by way of evidence that they received a
request declaring the intended purpose.
The assessment of the request and disclosure is under the control of the
data controller and as long as the controllers employee is following their
organizations policies and has a reasonable belief that the data will be
used for declared purpose they can safely make the disclosure.
There is no requirement on the face of the Act to only disclose to those who
have any statutory powers in respect of the purposes defined in section 29.
This is simply an interpretative or policy decision on the part of any data
controller.
Id be interested in hearing others views.
David Wyatt
-----Original Message-----
From: This list is for those interested in Data Protection issues
[mailto:[log in to unmask]] On Behalf Of Brenda Scourfield
Sent: 29 January 2008 10:13
To: [log in to unmask]
Subject: [data-protection] RSPCA Section 29
Can the RSPCA make a Section 29 Request to our legal department ? They have
no Section 29 form and asked us to send them ours completed.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at
http://www.jiscmail.ac.uk/help/commandref.htm
Any queries about sending or receiving messages please send to the list
owner
[log in to unmask]
Full help Desk - please email [log in to unmask] describing your
needs
To receive these emails in HTML format send the command:
SET data-protection HTML to [log in to unmask]
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at http://www.jiscmail.ac.uk/help/commandref.htm
Any queries about sending or receiving messages please send to the list owner
[log in to unmask]
Full help Desk - please email [log in to unmask] describing your needs
To receive these emails in HTML format send the command:
SET data-protection HTML to [log in to unmask]
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|