Print

Print


Chris,
I would be interested in the articles.

 

Best,

 

Lawrence

 

Lawrence Serewicz BA, MAIS, MAP, PhD

Principal Information Management Officer

Durham County Council

Room /140

County Hall

County Durham

DH1 5UF

 

0191 372 8371

VPN 77778371

 

 

 

From: This list is for those interested in Data Protection issues [mailto:[log in to unmask]] On Behalf Of Chris Brogan
Sent: 07 June 2011 11:19
To: [log in to unmask]
Subject: Re: [data-protection] Using Section 29 Exemptions to share data - Law enforcement authorities only

 

 

 

It is not just the Police that investigate crime. There are numerous bodies out there involved in criminal investigations. Postal Services Commission; office of Fair Trading; Financial services Authority; Gaming Board For Great Britain; Department of Transport; etc, etc, etc . Those organizations subject to RIPA are a good guideline. Many companies do their own prosecutions because the police are too busy or lack the interest/ expertise especially where Fraud investigations are concerned. This is a topic that was discussed at some length in the Magazine “Investigate” published by the Association of British Investigators. If there is enough interest I will seek permission to release the relevant articles.

 

The Fraud Advisory Panel researched this subject of Section 29 Requests for non law enforcement agencies. I have an opinion from one of the solicitors from the ICO in response to this research which I would be happy to share with genuinely interested persons.

 

When the Data Protection Bill was wending its way through parliament the question of whether non law enforcement could make section 29 requests was put to Lord Williams of Mostyn by Lord Norton who was representing The Institute of Loss Adjusters and The Association of British Insurers. Lord Williams did not know but said he would look into the matter and come back to Lord Norton. To the best of my knowledge he never did.

 

I am of the opinion that non law enforcement can make such requests but advise my clients not to respond to such requests. That is because the data controller cannot be certain that the company making the request will comply with the DPA. This in my experience is the case when a commercial investigator makes the request. In that instance I also pose the question as to why the investigator is making the request who is likely to be the data processor and not his client who will be the data controller.

 

I hope the above is of value. Regards

 

 

 

Chris Brogan MA LLM FSyI

Managing Director 

Security International Ltd

130 St Johns Road, Isleworth, Middlesex TW7 6PL, UK

Tel:  +44 20 8847 2111  Fax:  +44 20 8847 1852

Registered in England & Wales No. 1322074

Registered Office:  11 Loveday Road, London W13 9JT

www.securitysi.com

Please visit my blog

https://chrisbroganassociates.wordpress.com/


From: This list is for those interested in Data Protection issues [mailto:[log in to unmask]] On Behalf Of KPG Professional Services
Sent: 07 June 2011 08:57
To: [log in to unmask]
Subject: Re: Using Section 29 Exemptions to share data - Law enforcement authorities only

 

I agree with Iain here. I would not accept a Section 29 request from anyone other than the police, Council Tax or HMR&C as these are the only really sanctioned and safe disclosurables. When I have had to deal with disclosure for insurance purposes it is always by Court Order or Specification of Documents which is accompanied by an interlocutor signed by a Sheriff (remember I am in Scotland...). Disclosures under S.29 for insurance purposes are really not on as they have no powers of criminal investigation or taxation. If they believe there is a criminal acct being performed, ie fraud, they can call the police in to investigate and then, and only then, can S.29 be used to disclose to the police.

I am just pleased this is only in RoI and not here otherwise this could become quite complicated :O)

K

Kevin Giles
KPG Professional Services
51 Unity Terrace
Perth
PH1 2BG
 
Tel: 07413 934228
 
Web: http://www.kpgprofessionalservices.co.uk



On 07/06/2011 08:50, Harrison, Iain wrote:

Ok-lets look again at this again.

 

" the only basis on which information could be shared for fraud investigations amongst insurance companies and self-insured entities, for example some local councils self-insure, is under a court order or with the explicit consent of the individual involved!"

 

Getting a court order would provide an easy solution what is a often a very vexed sharing question-you effectively have to do it! Job done. If the requesting body want the information badly enough, they will do this.

 

"Explicit consent"-why not just get your fair obtaining clauses/forms in order and record choices properly?

 

I know some EU jurisdictions have a reputation for being a bit restrictive, but this is not really a showstopper.

 

As for the bit about " successful joint/industry fraud investigations", I have seen a few of these sharing initiatives and frankly they do not bear any close scrutiny.

 

Playing devils advocate perhaps…..but.

 

Iain Harrison

Information Governance Officer,
Information Governance Team,

Democratic Services, 
Customer & Workforce Services,

Coventry City Council
Room 21a, Lower Ground Floor,

Council House,
Earl Street
Coventry. CV1 5RR

 

Telephone No: 024 7683 3305

Fax No:          024 7683 3395

 



All archives of messages are stored permanently and are available to the world wide web community at large at http://www.jiscmail.ac.uk/lists/data-protection.html

Selected commands (the command has been filled in below in the body of the email if you are receiving emails in HTML format):

All user commands can be found at http://www.jiscmail.ac.uk/help/commandref.htm and are sent in the body of an otherwise blank email to [log in to unmask]

Any queries about sending or receiving messages please send to the list owner [log in to unmask]

(Please send all commands to [log in to unmask] not the list or the moderators, and all requests for technical help to [log in to unmask], the general office helpline)



All archives of messages are stored permanently and are available to the world wide web community at large at http://www.jiscmail.ac.uk/lists/data-protection.html

Selected commands (the command has been filled in below in the body of the email if you are receiving emails in HTML format):

All user commands can be found at http://www.jiscmail.ac.uk/help/commandref.htm and are sent in the body of an otherwise blank email to [log in to unmask]

Any queries about sending or receiving messages please send to the list owner [log in to unmask]

(Please send all commands to [log in to unmask] not the list or the moderators, and all requests for technical help to [log in to unmask], the general office helpline)





Help protect our environment by only printing this email if absolutely necessary. The information it contains and any files transmitted with it are confidential and are only intended for the person or organisation to whom it is addressed. It may be unlawful for you to use, share or copy the information, if you are not authorised to do so. If you receive this email by mistake, please inform the person who sent it at the above address and then delete the email from your system. Durham County Council takes reasonable precautions to ensure that its emails are virus free. However, we do not accept responsibility for any losses incurred as a result of viruses we might transmit and recommend that you should use your own virus checking procedures.

All archives of messages are stored permanently and are available to the world wide web community at large at http://www.jiscmail.ac.uk/lists/data-protection.html

Selected commands (the command has been filled in below in the body of the email if you are receiving emails in HTML format):

All user commands can be found at http://www.jiscmail.ac.uk/help/commandref.htm and are sent in the body of an otherwise blank email to [log in to unmask]

Any queries about sending or receiving messages please send to the list owner [log in to unmask]

(Please send all commands to [log in to unmask] not the list or the moderators, and all requests for technical help to [log in to unmask], the general office helpline)