I think there is a difference, because of the difference between
"holding" and "processing". FOI is about the records you have of what
happened, and if you have deleted or intended to delete that record then
there is a limit to the usefulness of expensively reconstructing it
(although ICO clearly reserves the right to decree that it must be done
in specific cases). But holding personal information is about what you
could or might do with respect to that person in the future - and so
long as the information is processed in your systems, even if obscurely,
that possibility continues to exist.
Not a legal definition - IANAL - but my instinct for the difference in
approach between the regimes.
Ben
-----Original Message-----
From: This list is for those interested in Data Protection issues
[mailto:[log in to unmask]] On Behalf Of Andrew Cormack
Sent: 04 August 2011 15:13
To: [log in to unmask]
Subject: Re: [data-protection] IT Back-ups and Personal Data
Further to the previous discussion on long-duration backups, in the
course of carrying out my threat to write up the difference between
backups and archives I've spotted what seems to be a significant
difference in their treatment under FoIA.
While I presume an archive is always likely to be accessible to an FoIA
request, it seems that a backup may not be.
http://www.ico.gov.uk/foikb/PolicyLines/FOIPolicyDeletedelectronicinform
ation.htm seems to be saying that once the original of a file has been
intentionally deleted and the trashcan emptied, any copies that happen
to remain on backups can be ignored for FoIA purposes. So the only time
you actually need to go to a true backup is if the original has been
*accidentally* deleted and you haven't restored it yet.
Have I understood that correctly? And does the same apply to SARs? I
can't find such an explicit statement in the DPA half of the ICO
website.
I note there's a warning against "backups that are actually being used
as a form of storage" though, so presumably the ICO was aware of the
potential loophole ;)
Thanks
Andrew
--
Andrew Cormack, Chief Regulatory Adviser, JANET(UK) Lumen House, Library
Avenue, Harwell, Didcot. OX11 0SG UK
Phone: +44 (0) 1235 822302
Blog: http://webmedia.company.ja.net/edlabblogs/regulatory-developments/
JANET, the UK's education and research network
JANET(UK) is a trading name of The JNT Association, a company limited by
guarantee which is registered in England under No. 2881024 and whose
Registered Office is at Lumen House, Library Avenue, Harwell Science and
Innovation Campus, Didcot, Oxfordshire. OX11 0SG
> -----Original Message-----
> From: Andrew Cormack
> Sent: 19 July 2011 15:25
> To: Bradshaw, Phillip; [log in to unmask]
> Subject: RE: IT Back-ups and Personal Data
>
> I have a theory, which I'd very much welcome comments on, that there
> are three things hiding within what's commonly referred to as "back-
> up":
>
> 1) Recovery from physical failure (e.g. computer, building fire) -
> needs two (because the failure might affect one of them) recent
> snapshots of the file system, preferably with those copies kept in
> separate locations. For this purpose you want the retention period to
> be as short as possible (since it's the period of work you'll give up
> if you have to use the backups - e.g. a weekly backup means you can
> restore to last week's state), though practicality of the amount you
> can back up overnight may mean you may have to build the snapshot from
> interspersed full and incremental backups.
>
> 2) Recovery from human error (e.g. unintended deletion of
> files/emails/etc) - here the retention period is as long as you want
> to allow humans to notice their mistake: weeks or months, perhaps, if
> you're feeling generous. But the longer it is, the more DPA/SAR issues
> you get into, not to mention physical storage space. And in this case
> (unlike (1) above) you want to be able to restore a single e-
> mail/file/directory, which probably means the backup has to be a bit
> more clever, not to mention bigger and slower.
>
> 3) Records management/archiving. Here the aim is to capture evidence
> of past events, so you may actually want multiple copies of the same
> information (or at least proof that it didn't change). Retention
> period is probably set by law, and may vary significantly from one
> type of record to another, but can be years or decades. And as well as
> recovering individual files, you probably want to be able to do all
> sorts of searches (e.g. records relating to building X), so the
> archive has to include lots of metadata as well as the files
> themselves. Again that's an even smarter and larger archive, though
> you should be able to feed only a subset of the files on your disks
into it.
>
> If that's right then it has a number of implications notably, since
> the requirements for each type are different, that a single solution
> is unlikely to be effective in all of them. Indeed they may even
> require different storage media - it's arguable that redundant disks
> could satisfy (1) whereas digital archival over decades can be
> distinctly challenging.
>
> I've always intended to write up these ideas (if only to explain to
> salesmen why I regard the phrase "e-mail archiving" as an oxymoron),
> but have never got round to it. Happy to be encouraged to do so, or
> even happier to be told that someone has already done it better?
>
> Cheers
> Andrew
>
> --
> Andrew Cormack, Chief Regulatory Adviser, JANET(UK) Lumen House,
> Library Avenue, Harwell, Didcot. OX11 0SG UK
> Phone: +44 (0) 1235 822302
> Blog: http://webmedia.company.ja.net/edlabblogs/regulatory-
> developments/
>
> JANET, the UK's education and research network
>
> JANET(UK) is a trading name of The JNT Association, a company limited
> by guarantee which is registered in England under No. 2881024 and
> whose Registered Office is at Lumen House, Library Avenue, Harwell
> Science and Innovation Campus, Didcot, Oxfordshire. OX11 0SG
>
> > -----Original Message-----
> > From: This list is for those interested in Data Protection issues
> > [mailto:[log in to unmask]] On Behalf Of Bradshaw,
> Phillip
> > Sent: 19 July 2011 13:18
> > To: [log in to unmask]
> > Subject: Re: IT Back-ups and Personal Data
> >
> > I also agree with Ben. We have a typical incremental and rotational
> > back up process and I think the maximum held is for 5 weeks - rather
> > less than 9 years.
> >
> > 9 years cannot be required for a 'true' back-up - which is for data
> > loss event recovery.
> >
> > It is I suspect a form of archiving to allow retrieval of historical
> > information ( I know some regard this as a secondary purpose of
> 'back-
> > up') , but if that's what is desired DP rules must be complied with,
> > and it cannot supersede other retention rules otherwise there is no
> > point in having them.
> >
> > Makes RM easier to have a single retention period of 9 years though.
> > Perhaps they are onto something after all.
> >
> >
> >
> > Phillip Bradshaw
> >
> >
> > Room CY5C, County Hall
> >
> > Phone: 029 2087 3346
> > Mobile : 07890 265987
> > Fax: 029 2087 3349
> >
> >
> >
> > ________________________________
> >
> > From: This list is for those interested in Data Protection issues
> > [mailto:[log in to unmask]] On Behalf Of Ben Plouviez
> > Sent: 19 July 2011 12:49
> > To: [log in to unmask]
> > Subject: Re: [data-protection] IT Back-ups and Personal Data
> >
> >
> > Steve
> >
> > The simple answer is: don't keep backups for anything like that
> length
> > of time (why would you ever want to go back 9 years?). It seems to
> > me well beyond a "reasonable" period in which to hold data and could
> give
> > rise to a whole set of DP, FOI and other RM issues.
> >
> > if you do keep backup data that long, and have a process whereby
> > that data can be retrieved for business use (otherwise why keep it?)
> > then
> it
> > seems to me that you should indeed be editing your backups in order
> to
> > be able to comply with the 5th Principle.
> >
> >
> > Ben
> >
> >
> > --------------
> > Ben Plouviez
> > Head of KIRM
> > The Scottish Government
> > --------------
> > Sent from my BlackBerry
> >
> >
> > ________________________________
> >
> > From: This list is for those interested in Data Protection issues
> > <[log in to unmask]>
> > To: [log in to unmask] <[log in to unmask]>
> > Sent: Tue Jul 19 11:55:56 2011
> > Subject: [data-protection] IT Back-ups and Personal Data
> >
> >
> > Dear all,
> >
> > I am a bit confused about the scenario below and what to advise. Any
> > thought appreciated.
> >
> > What is the stance to take with regards to IT and server back ups?
> > We keep back ups for 9 years and thus as I understand it are still
> > technically 'processing the data'. Much of the data technically
> > might not still be required - photos, letters etc. Surely we don't
> > have to 'edit the back-up servers on a regular basis s and when data
> > might no longer be required?
> >
> > Regards
> > Steve
> >
> >
> ______________________________________________________________________
> _
> > _______________________________________________
> > Stephen Cotterill
> > Procurement & Technical Officer
> > Broxtowe Borough Council
> >
> >
> >
> > DISCLAIMER:
> > This email and any attachments are confidential and intended solely
> for
> > the use of the individual to whom it is addressed. If you are not
> > the intended recipient be advised that you have received this email
> > in error and that any use, dissemination, forwarding, printing or
> copying
> > of this email is strictly prohibited.
> > If you have received this email in error please contact the IT
> Service
> > Desk at Broxtowe Borough Council on [log in to unmask] or
> > telephone 0115 917 3194.
> > Senders and recipients of email should be aware that, under current
> > legislation, the contents may be monitored and will be retained. The
> > contents of the email may have to be disclosed in response to a
> > request.
> > This disclaimer confirms that this email message has been swept for
> the
> > presence of computer viruses.
> >
> > This email was received from the INTERNET and scanned by the
> Government
> > Secure Intranet anti-virus service supplied by Cable&Wireless
> Worldwide
> > in partnership with MessageLabs. (CCTM Certificate Number
> > 2009/09/0052.) In case of problems, please call your organisation's
> IT
> > Helpdesk.
> > Communications via the GSi may be automatically logged, monitored
> > and/or recorded for legal purposes.
> >
> >
> > *********************************** ********************************
> >
> > This email has been received from an external party and
> >
> > has been swept for the presence of computer viruses.
> >
> > ********************************************************************
> >
> > *******************************************************
> >
> > This e-mail (and any files or other attachments transmitted with it)
> is
> >
> > intended solely for the attention of the addressee(s). Unauthorised
> >
> > use, disclosure, storage, copying or distribution of any part of
> > this
> >
> > e-mail is not permitted. If you are not the intended recipient
> > please
> >
> > destroy the email, remove any copies from your system and inform
> >
> > the sender immediately by return.
> >
> > Communications with the Scottish Government may be monitored or
> >
> > recorded in order to secure the effective operation of the system
> > and
> >
> > for other lawful purposes. The views or opinions contained within
> >
> > this e-mail may not necessarily reflect those of the
> >
> > Scottish Government.
> >
> > ********************************************************
> >
> >
> > The original of this email was scanned for viruses by the Government
> > Secure Intranet virus scanning service supplied by Cable&Wireless
> > Worldwide in partnership with MessageLabs. (CCTM Certificate Number
> > 2009/09/0052.) On leaving the GSi this email was certified virus
> free.
> > Communications via the GSi may be automatically logged, monitored
> > and/or recorded for legal purposes.
> >
> > ________________________________
> >
> > All archives of messages are stored permanently and are available to
> > the world wide web community at large at
> > http://www.jiscmail.ac.uk/lists/data-protection.html
> >
> > Selected commands (the command has been filled in below in the body
> of
> > the email if you are receiving emails in HTML format):
> >
> > * Leaving this list: send leave data-protection to
> > [log in to unmask] <mailto:[log in to unmask]&BODY=LEAVE
> > data-protection>
> > * Suspending emails from all JISCMail lists: send SET * NOMAIL to
> > [log in to unmask] <mailto:[log in to unmask]&BODY=SET *
> > NOMAIL>
> > * To receive emails from this list in text format: send SET data-
> > protection NOHTML to [log in to unmask]
> > <mailto:[log in to unmask]&BODY=SET data-protection NOHTML>
> > * To receive emails from this list in HTML format: send SET data-
> > protection HTML to [log in to unmask]
> > <mailto:[log in to unmask]&BODY=SET data-protection HTML>
> >
> > All user commands can be found at
> > http://www.jiscmail.ac.uk/help/commandref.htm and are sent in the
> body
> > of an otherwise blank email to [log in to unmask]
> >
> > Any queries about sending or receiving messages please send to the
> list
> > owner [log in to unmask]
> >
> > (Please send all commands to [log in to unmask] not the list or
> > the moderators, and all requests for technical help to
> > [log in to unmask], the general office helpline)
> >
> > ________________________________
> >
> > ________________________________
> >
> > All archives of messages are stored permanently and are available to
> > the world wide web community at large at
> > http://www.jiscmail.ac.uk/lists/data-protection.html
> >
> > Selected commands (the command has been filled in below in the body
> of
> > the email if you are receiving emails in HTML format):
> >
> > * Leaving this list: send leave data-protection to
> > [log in to unmask] <mailto:[log in to unmask]&BODY=LEAVE
> > data-protection>
> > * Suspending emails from all JISCMail lists: send SET * NOMAIL to
> > [log in to unmask] <mailto:[log in to unmask]&BODY=SET *
> > NOMAIL>
> > * To receive emails from this list in text format: send SET data-
> > protection NOHTML to [log in to unmask]
> > <mailto:[log in to unmask]&BODY=SET data-protection NOHTML>
> > * To receive emails from this list in HTML format: send SET data-
> > protection HTML to [log in to unmask]
> > <mailto:[log in to unmask]&BODY=SET data-protection HTML>
> >
> > All user commands can be found at
> > http://www.jiscmail.ac.uk/help/commandref.htm and are sent in the
> body
> > of an otherwise blank email to [log in to unmask]
> >
> > Any queries about sending or receiving messages please send to the
> list
> > owner [log in to unmask]
> >
> > (Please send all commands to [log in to unmask] not the list or
> > the moderators, and all requests for technical help to
> > [log in to unmask], the general office helpline)
> >
> > ________________________________
> >
> >
> **********************************************************************
> >
> > Privileged/Confidential Information may be contained in this
message.
> > If you are not the addressee indicated in this message (or
> responsible
> > for delivery of the message to such person), you may not copy or
> > deliver this message to anyone. In such case, you should destroy
> > this message and kindly notify the sender by reply email. Please
> > advise immediately if you or your employer does not consent to
> > Internet
> email
> > for messages of this kind. Opinions, conclusions and other
> information
> > in this message that do not relate to the official business of the
> > Council of the City and County of Cardiff shall be understood as
> > neither given nor endorsed by it. All e-mail sent to or from this
> > address will be processed by Cardiff County Councils Corporate
> > E-mail system and may be subject to scrutiny by someone other than
> > the addressee.
> >
> >
> **********************************************************************
> >
> > Mae'n bosibl bod gwybodaeth gyfrinachol yn y neges hon. Os na
> chyfeirir
> > y neges atoch chi'n benodol (neu os nad ydych chi'n gyfrifol am
> > drosglwyddo'r neges i'r person a enwir), yna ni chewch gopio na
> > throsglwyddo'r neges. Mewn achos o'r fath, dylech ddinistrio'r neges
> a
> > hysbysu'r anfonwr drwy e-bost ar unwaith. Rhowch wybod i'r anfonydd
> ar
> > unwaith os nad ydych chi neu eich cyflogydd yn caniatau e-bost y
> > Rhyngrwyd am negeseuon fel hon. Rhaid deall nad yw'r safbwyntiau, y
> > casgliadau a'r wybodaeth arall yn y neges hon nad ydynt yn cyfeirio
> at
> > fusnes swyddogol Cyngor Dinas a Sir Caerdydd yn cynrychioli barn y
> > Cyngor Sir nad yn cael sel ei fendith. Caiff unrhyw negeseuon a
> anfonir
> > at, neu o'r cyfeiriad e-bost hwn eu prosesu gan system E-bost
> > Gorfforaethol Cyngor Sir Caerdydd a gallant gael eu harchwilio gan
> > rywun heblaw'r person a enwir.
> >
> >
> **********************************************************************
> >
> >
> > --
> > Scanned by iCritical.
> >
> >
> > ________________________________
> >
> > All archives of messages are stored permanently and are available to
> > the world wide web community at large at
> > http://www.jiscmail.ac.uk/lists/data-protection.html
> >
> > Selected commands (the command has been filled in below in the body
> of
> > the email if you are receiving emails in HTML format):
> >
> > * Leaving this list: send leave data-protection to
> > [log in to unmask] <mailto:[log in to unmask]&BODY=LEAVE
> > data-protection>
> > * Suspending emails from all JISCMail lists: send SET * NOMAIL to
> > [log in to unmask] <mailto:[log in to unmask]&BODY=SET *
> > NOMAIL>
> > * To receive emails from this list in text format: send SET data-
> > protection NOHTML to [log in to unmask]
> > <mailto:[log in to unmask]&BODY=SET data-protection NOHTML>
> > * To receive emails from this list in HTML format: send SET data-
> > protection HTML to [log in to unmask]
> > <mailto:[log in to unmask]&BODY=SET data-protection HTML>
> >
> > All user commands can be found at
> > http://www.jiscmail.ac.uk/help/commandref.htm and are sent in the
> body
> > of an otherwise blank email to [log in to unmask]
> >
> > Any queries about sending or receiving messages please send to the
> list
> > owner [log in to unmask]
> >
> > (Please send all commands to [log in to unmask] not the list or
> > the moderators, and all requests for technical help to
> > [log in to unmask], the general office helpline)
> >
> > ________________________________
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask] All user
commands can be found at http://www.jiscmail.ac.uk/help/commandref.htm
Any queries about sending or receiving messages please send to the list
owner
[log in to unmask]
Full help Desk - please email [log in to unmask] describing your
needs
To receive these emails in HTML format send the command:
SET data-protection HTML to [log in to unmask]
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
*********************************** ********************************
This email has been received from an external party and has been swept
for the presence of computer viruses.
********************************************************************
The original of this email was scanned for viruses by the Government Secure Intranet virus scanning service supplied by Cable&Wireless Worldwide in partnership with MessageLabs. (CCTM Certificate Number 2009/09/0052.) On leaving the GSi this email was certified virus free.
Communications via the GSi may be automatically logged, monitored and/or recorded for legal purposes.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at http://www.jiscmail.ac.uk/help/commandref.htm
Any queries about sending or receiving messages please send to the list owner
[log in to unmask]
Full help Desk - please email [log in to unmask] describing your needs
To receive these emails in HTML format send the command:
SET data-protection HTML to [log in to unmask]
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|
