The person can’t be acting in the capacity of a controller, because the s170(1)(a) offence is committed when a person knowingly or recklessly *without the consent of the controller* obtains or discloses personal data.
In your example it is certainly possible the person will have committed a s170 offence.
Jon Baines,
Chair,
NADPO
> On 31 Jul 2018, at 18:38, Duncan Smith <[log in to unmask]> wrote:
>
> SCENARIO:
>
> Members of a club are entitled (contractually/legally) to a list of all other members
> Members are members of the public i.e. operating in a private/personal capacity
> If a Member sells the list of other Members for personal gain, without consent of the Club or other Members, are they in breach of DPA18 S170?
>
> I guess I am looking for clarity on the term 'person' used in the section 'It is an offence for a 'person' knowingly or recklessly' ..
>
> Must this person be acting in the capacity of a controller or processor in oder for the section to apply?
>
> Thanks!
>
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> All archives of messages are stored permanently and are
> available to the world wide web community at large at
> http://www.jiscmail.ac.uk/lists/data-protection.html
> If you wish to leave this list please send the command
> leave data-protection to [log in to unmask]
> All user commands can be found at https://www.jiscmail.ac.uk/help/subscribers/subscribercommands.html
> Any queries about sending or receiving messages please send to the list owner
> [log in to unmask]
> Full help Desk - please email [log in to unmask] describing your needs
> To receive these emails in HTML format send the command:
> SET data-protection HTML to [log in to unmask]
> (all commands go to [log in to unmask] not the list please)
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at https://www.jiscmail.ac.uk/help/subscribers/subscribercommands.html
Any queries about sending or receiving messages please send to the list owner
[log in to unmask]
Full help Desk - please email [log in to unmask] describing your needs
To receive these emails in HTML format send the command:
SET data-protection HTML to [log in to unmask]
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|