Wednesday, 18 January 2017  
border border border
image by George Gardiner
border border
    arrow     Home

Main Menu
News items
- - - - -
Contact us

Lost Password?
ICO publishes technical guidance note on personal data

On 21 August 2007 the Information Commissioner's Office published a technical guidance note on determining what is personal data. This follows the publication by the Article 29 Working Party of its opinion on personal data.

As the ICO confirms in the guidance, there was a need to replace its guidance following the Court of Appeal decision in Durant.

The guidance is presented as a checkist of scenarios, which is a practical way of dealing with the issue and on the whole is easy to follow. While the ICO's guidance is always persuasive and should not be lightly ignored, it is just that. Ultimately the courts (as in the Durant case) will apply the Data Protection Act foremost and will give to the DPA whatever interpretation it considers correct (or will follow any other binding authority).

What is particularly unhelpful in the guidance is the treatment of personal data which has a "biographical significance".

The guidance states: "When considering 'biographical significance', what is important is whetehr the data go beyond recording the individual's casual connection with a matter or event which has no personal connotations for him." Using the example of a memo the ICO seems to suggest that the list of attendees of a meeting may be personal data because it may record an individual's whereabouts at a particular time.

On that basis alone it would seem that any meeting note should not record who was in attendance because if it does so then that note will have to be dealt with as personal data under the DPA, with the attendant precautions applied to it. Are we now in the situation where it would be better not to record who attended a meeting?

It is indeed unfortunate that the ICO has not taken the opportunity to apply a more pragmatic interpretation to this class of data. This is a very narrow interpretation, an approach which the Court of Appeal rejected in Durant.


SPAM . . safeguarding your business interests and reputation

An Edinburgh man, Gordon Dick, has successfully brought an action against an Oxfordshire-based company, Transcom Internet Services Ltd, for the payment of 750 in damages (and some 816 in legal costs) following the receipt of an unsolicited e-mail.

In a move which reflects the growing appetite of consumers to rely on self-help tactics, Mr Dick has not only sued Transcom but he has set up a website to help others pursuing similar claims www.scotchspam.com.

Meanwhile, in December 2005 Nigel Roberts settled his claim against English email and fax marketing company Media Logistics (UK) Limited, accepting 300.

Whether or not these two cases herald an increase in consumer-led litigation similar to the claims against financial institutions for unfair penalty charges remains to be seen.

It does, though, highlight the need to ensure that e-mails sent to individuals have the necessary consents. Getting it wrong could mean significant wasted management time and costs, together with a possible judgement for damages and the adverse publicity which could follow.


Updating websites . . company registration details now required

From 1 January 2007 all companies subject to the Companies Act (1985 and 2006) must ensure that certain information is given on their websites and in the footer of e-mails.

<< Start < Prev 1 2 3 4 5 6 Next > End >>

go to top Go To Top go to top

Copyright reserved
border border border