The Information Commissioner's Office (ICO) published new guidance (pdf) this week that explains its view of what counts as personal data under the Data Protection Act (DPA). Information that is not personal data today may become personal data as technology advances, it says. A landmark ruling in 2003 challenged long-held …
we are so lucky to have the ICO...
to clear up any confusion and not muddy the waters further.
Obscurantism & Inaction
I'd say the ICO are losing the plot and spending too much time worrying how many angels can dance on the head of a pin. And it leads to some bizarre conclusions...
I think most people (the people who pay the piper but don't seem to call the tune), would assume that their email address is protected by the ICO and DPA as "private data". But they'd be wrong! I have had a written ruling from the ICO that an email address is NOT "personal data" - unless it is made up of your full names (initials won't cut it). That means that anyone with a mind to harvest email addresses, or sell on the email addresses in their database to the bad guys, have nothing to fear from the ICO. But then it's not the bad guys who DO fear the ICO, it's honest "data controllers" who have cause for concern!
- SMASH the Bash bug! Apple and Red Hat scramble for patch batches
- BENDY iPhone 6, you say? Pah, warp claims are bent out of shape: Consumer Reports
- NASA rover Curiosity drills HOLE in MARS 'GOLF COURSE'
- WHY did Sunday Mirror stoop to slurping selfies for smut sting?
- Business is back, baby! Hasta la VISTA, Win 8... Oh, yeah, Windows 9