Data Protection News
Some occasional items of Data Protection law news:
- February 2002
The information Commissioner has announced that she will be resigning, or not re-applying for appointment. No shame or runour of dissent..
- November 2001
A brave chap from Wakefield requested his local authority not to release his personal details as recorded on the electoral role, to commercial third parties. The Council refused, in accordance with Government policy. He sued. He won.
The information was required under law, and if he failed to supply the information, he would be disenfranchised. The court held that the data was unlawfully disclosed under the Data Protection Act and in breach of his Human Rights. However convenient it was, the lack of an opt out made it unfair.
- February 2001
Can your employer/ can you as an employer, read an employee's e-mail. There has come to be an apparent conflict beweeen Data Protection Law, Human Rights Law and the rules made under the Regulation of Investigatory Powers Act 2000. This is a field where some serious employer organisations have gone public with some extraordinary views. They assert that if an employee creates an e-mail on their computer system, that gives a right to the employer to read that e-mail.
I think that if an employee walks past a bosses desk with a cup of cofee, and the manager reaches out and takes a swig, this would, at best. be inappropriate. For the manager to argue that, since the company provides the cup, the coffee the water and the heat, it is his, would (I hope) be seen as miserable in the extreme. I do not think that the situation with e-mails should be any different.
In any event the Commissioner is due shortly to issue her guidance for employers. We shall all then face the wonderful task of laying out side by side the Data Protection, Human Rights and RIP issues, and trying to find a way through a fairly dense thicket. Watch this space.
- December 2000 - Freedom of Information Act 2000
The Freedom of Information Act 2000, passed in November and coming into force over a time period extending to 2005, provides for disclosure of information by public authorities or their service providers and amends the Data Protection Act 1998 and the Public Records Act 1958. One consequence is that the Data Protection Commissioner (formerly the Data Protection Registrar) will become the 'Information Commissioner', some time in 2001.
|9 June 1999||I have seen some suggestion that the Data Protection registry might be merged with some other regulatory body. I only caught it in passing so do not know the details (Can a rumour have details)|
|1 June 1999||(Not really News)
The 1998 Act will replace the 1984 Act entirely, once the 1998 Act is brought into effect, the 1984 Act will be repealed entirely. As we stand, the current 'predicted' date for implementation is the end of June 1999. I have yet to meet or talk to anyone who thinks it will be within the next 6 months. My own prediction is that it will be another year. I also predict that within four years, major parts of it will have been shown to be incomprehensible, never mind unenforceable, and to avoid a major trade war with the US, substantial parts may be rethought at EU level.
|11 May 1999||
The first draft Statutory Instruments that will form the DPA 1998 subordinate legislation have just been published on the Home Office CCPD Web site. They are:
The Data Protection (Subject Access Modification) (Education) Order 1999
The Data Protection (Subject Access Modification) (Social Work) Order 1999
The Data Protection (Miscellaneous Subject Access Exemptions) Order 1999
The Data Protection (Crown Appointments) Order 1999
The Data Protection (Functions of Designated Authority) Order 1999
The Data Protection (Fees under section 19(7)) Regulations 1999
These are not earth shattering in importance. One wonders just how many there will be if so many tiny areas of life are to be governed each by a separate regulation under the Act. The Crown Appointments one is relevant only to Trinity College and Churchill College, Cambridge University (as far as HE institutions are concerned), as their Masters are appointed by the Queen. The "Fees under Sec 19(7)" one tells us that it will cost 2 pounds to obtain "a duly certified copy of any data controller's entry on the register".
The web page is
Home Office CCPD site.
Another new Draft SI is The Telecommunications (Data Protection and Privacy) Regulations 1999, to be found at http://www.dti.gov.uk/cii/tdpd/regs2/si.htm.
|31 March 2000
||The new Act comes into effect, at last.