gaz wrote:However in terms of this being an extremely conservative interpretation of he 'rules' I'm not sure that it was. JT was approaching HO as a member, not an official. HO publish figures on national membership. So at what level should we stop disclosing data to avoid a DPA breach, county, borough, town, street, house?
What "substantial unwarranted damage or distress" would be caused to any individual if HO shared the numbers at county, borough, town, level?
DPA does not institute some form of general privacy law for individuals. CTC has a DP policy that clearly states that it will under some circumstances share data within the scope of the act and to invoke DP as a reason NOT to tell a member how many members there are in Peterborough is a nonsense. ime. perfectly reasonable use of data in this context.
I have some DP concerns with HO passing on member details to member groups. Firstly the accuracy of the information provided seems to be in doubt. Secondly how securely do member groups keep the info?
The forum admin have my email. They haven't passed it to HO. They've held it properly in accordance with the forum DP statement
. Some of my local member groups have my e-mail. They haven't held it properly. A number of "notes to all group members" have gone out without using "blind copy" to conceal the e-mail addresses of the other recipients.
But if you've given your email to HO you given consent for it to be shared.... in line with HO DP Policy. The point about not bcc'ing people is often quoted. In this context sharing an email address is a privacy / courtesy issue which doesn't generally fall under the scope of the DPA unless you can show that the "substantial unwarranted damage or distress" test applies. Which I doubt.