Re: Ah IT 'managers'
AH but @PM from Hell your cheaper (and probably better) consultants probably don't have marketing budgets and the chance to take Execs on Golf days or the like.
Less common these days I know but still important to remember
78 posts • joined 25 Jan 2018
Slight red herring there on document length (albeit very slight) as GDPR doesn't include data being processed for law enforcement and national security purposes.
The 2018 DPA includes both GDPR and the EU Law Enforcement Directive that does the Data Protection stuff for the rozzers and the security services.
That said the 2018 DPA is poorly drafted and a bugger to use!
Try working in the Fire Service.
In a previous life I worked for a Fire Service in the NW of England and as a civilian employee shared an office with uniformed staff.
The average brew count was 4 per hour including several occasions of one being made and not even started before another brew was offered.
In essence I had fresh tea on tap and its a legacy of the uniformed staff being on station so always grabbing a brew as they never knew if theyd get to finish one by being called out.
Its a legacy that persists after they leave too. A good friend is a retired London Fireman and even now after being retired for 15 years he still manage 3 brews an hour and gets the DTs if he doesn't have his mid morning toast between 10-10.30am and a brew and some cake between 3 and 3.30om :)
Births, marriages and deaths are a matter of public record so not quite sure what the issue is with Google using them.
I notice no one bitching about Ancestry.com or the like using exactly the same data in the same way and then charging you for the privilege of accessing them.
I'm no fan of Google but in terms of the use of public records I suspect you are aiming your ire at the wrong target
As someone who has been doing Information Governance as a gig for the last 20 yrs or so I cannot stress enough that GDPR and Data Protection law historically is not about privacy and it never has been,
Anyone who thinks it is has their head up their backside.
Yes there are privacy aspects but the primary concern is the fair and lawful use of personal information, not privacy.
Personally I think the Dutch court has it wrong, a grandmother posting a picture of her grandchild is personal use - she might have been doing it with the subconscious intention of pi$$ing her daughter off but its nothing other than personal use.
Has she posted the same picture and said 'look at his jumper, I made that, would someone like to buy one' then she is clearly straying away from personal into commercial use.
The problem with Data Protection is the way the laws are written allow for the nuance that is necessary in dealing for the day to day use of information and sometimes it creates daft situations like this.
As a VM customer for Mobile and Tv/Broadband/Fixed Line their Mobile Customer Service isn't too bad, certainly no worse than any of the other providers all of whom I have been with over the years.
Less said about their TV etc side of the biz although on the one occasion we had a problem it was sorted reasonably quickly and we received compensation for a loss of service. Still a nightmare trying to speak to anyone though
A key consideration for use of legitimate interests is does it prejudice the rights and freedoms of the individual.
That the individual may not like it or object isn't necessarily enough to show it prejudices their rights or freedoms and so LI might still be applicable.
That said with all things DP context is everything and what works for one situation may not work for another identical type of processing due to the wider circumstances.
they aren't. The DoH aren't sharing personal data so there are zero data protection implications for them.
That Google may choose to profile is a matter for Google and they (Google) would be the data controller as they are the ones collecting and processing personal data.
Sorry but the fault here isn't GDPR, its just p!ss poor data protection controls from these companies and I suspect they'd have been equally as rubbish before GDPR came into effect.
As someone who deals with SARs regularly our first task is always to verify the requestors ID and from what is in the article this seems to be the regular failing.
I would assume he was on restricted duties while the court case took place and now he would be subject to internal disciplinary processes which will probably see him dismissed.
Crude oversimplification I know but if he was alleged to have done this, sacked before the case reached court and then found to be innocent by the courts then the Met would have been up the effluent creek without sufficient rowing equipment for unfair dismissal.
As an aside working with police as I occasionally do they actually do require quite broad access as connections are often made by looking at similar cases which can allow them to create patterns of behaviour to ID suspects.
Its far from a perfect system but the highly restricted and siloed access some are suggesting has the potential to be just as damaging as the current system, particularly in time sensitive cases.
Breach notification isn't mandatory under GDPR despite what some seem to believe. Its dependent on the nature of the breach, the information concerned and the risk of prejudice to the individual the data relates to.
Based on the information here I doubt its a mandatory report but Pizza Hut might report anyway, particularly if there is more to the story than has been disclosed
Explicit consent only applies to special category data (sensitive PD as was under the old act with a couple of extra bits like biometrics) but for uses of 'normal' category data assuming you don't have another condition for processing and you are going with consent then you need 'informed' consent i.e. make people aware of what they are consenting to and why.
Its at that point you need to provide the ability to opt out.
This is why the vast majority of data controllers are avoiding consent like the plague as they often have another basis for processing anyway.
I seem to remember Nokia or some other company did a study back in the 90s/early 00s where they allowed 50% of their staff to use the pre-installed games on windows and the took them off the pcs of the rest when they refreshed their IT kit.
After an initial drop off the staff with the games ended up being more productive. Makes sense as without something to take your mind off the report your writing or the like you will find other ways to waste time whereas those with the games work far harder as they don't want to be seen to be wasting too much time gaming so put in extra effort to get their work done... well that was the theory anyway!
Ah the old 'the law doesn't specifically say we can't so we obviously can' defence.
Newsflash - the law doesn't explicitly say you can't plant land mines in your front garden but I suspect the authorities would take a dim view if you did!!
Icon - well not my fault the postie stepped on to the grass...
Actually not true, simply containing the name doesn=t make it personal data, the Durant ruling makes it quite clear that the information has to be biographical about the individual and the as snagging is about the house not the person, wouldn't make it the person's PD. The person's name would be PD but the stuff about the house wouldn't.
Your example of 'Fred' would be PD - its about him but just mention of a person in an email/document etc. doesn't make that their PD and to say it does is frankly nonsense but since you're playing on the experience and 'I know better than you card' here I guess my 15+ years as a DP Officer in the public sector doing SARs on a daily basis and with DP and FOI qualifications mean less than your experience doing IT in schools.
Mines the one with well thumbed and annotated copies of the DPA98, FOI, DPA2018 and GDPR in the pockets
What is wrong with the old adage if it ain't broke don't fix it?
Yes Office can be frustrating at times but I much prefer the 'out of the box' versions such as 2019 (still happily using 2010 at home) rather than the constantly updated (read as 'oh FFS where have the developers moved (insert function of choice) to now?' version that is 365.
There is also the fact that some users (ie the Boss AKA Mrs Cynical Pie) struggle to use 365 due to the lack of block colours for the tool bars etc. Office 365 may look all clean and modern and shiny but sometimes old school works.
Biting the hand that feeds IT © 1998–2020