JISCMail - DATA-PROTECTION Archives

Duncan Smith on 20 October 2004 at 15:13 said:-

> So yes I could "hide behind confidentiality", and indeed may
> wish to do so
> for very valid e.g. personal safety, reasons.  Although I'm
> not suggesting
> that is the case in the scenario Gwenan put forward.

Personal safety indicates an exemption.

Considering 'servant or agent of the data controller' as indicating the
norm, both scenarios could be correct, so a decision based on the actual
circumstances would be required.


Ian W

> -----Original Message-----
> From: This list is for those interested in Data Protection
> issues [mailto:[log in to unmask]] On Behalf Of
> Duncan Smith
> Sent: 20 October 2004 15:13
> To: [log in to unmask]
> Subject: Re: Consent
>
>
> ----------------------------------------------------------------
> The information transmitted is intended only for the person
> or entity to
> which it is addressed and may contain confidential and/or privileged
> material.  Any review, retransmission, dissemination or other
> use of, or
> taking of any action in reliance upon, this information by persons or
> entities other than the intended recipient is prohibited.  If
> you received
> this in error, please contact the sender and delete the
> material from any
> computer.
>
> The information contained in this correspondence is not
> intended as legal
> advice or counsel, and is not represented as such by the
> sender.  iCompli
> Ltd. makes no warranties or statements regarding the legal
> acceptability of
> the information presented in this correspondence.  Any
> actions performed as
> a result of this information are of the recipient's own choosing.
> --------------------------------------------------------------
> --------------
> -------------------
>
>
>
> Chris, your comment ...
>
> "The promotions board are not third parties, they are clearly
> acting on
> behalf of the data controller as either employees or agents,
> so the have no
> way of hiding behind confidentiality"
>
> ... may not be correct.
>
> To my knowledge neither the common law of confidentiality nor
> the requisite
> parts of the Data Protection Act 1998 are over-ruled by
> consideration of who
> is, and is not, the data controller.
>
> If an individual puts in a SAR to a data controller, who in
> meeting their
> legal obligations may disclose information about any third
> party i.e. not
> the data subject, then great care should be taken to
> understand what consent
> is in place to disclose, and what implications disclosure (or
> otherwise)
> would have on both the requestor and the third party.
>
> So yes I could "hide behind confidentiality", and indeed may
> wish to do so
> for very valid e.g. personal safety, reasons.  Although I'm
> not suggesting
> that is the case in the scenario Gwenan put forward.
>
>
> Regards,
>
> Duncan S Smith
> Managing Director
> iCompli Limited   Northampton  UK
> T: 08707 70 48 66  F: 08707 70 48 69  M: 07775 56 81 80
> Mailto:[log in to unmask]   Web: www.icompli.co.uk
> "Compliance in your language"

^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
       All archives of messages are stored permanently and are
      available to the world wide web community at large at
      http://www.jiscmail.ac.uk/lists/data-protection.html
      If you wish to leave this list please send the command
       leave data-protection to [log in to unmask]
            All user commands can be found at : -
        http://www.jiscmail.ac.uk/help/commandref.htm
  (all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^